Summary
Detail | |||
---|---|---|---|
Vendor | Sun | First view | 2009-08-07 |
Product | Virtualbox | Last view | 2009-11-16 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
2.1 | 2009-11-16 | CVE-2009-3940 | Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors. |
7.5 | 2009-11-09 | CVE-2009-3923 | The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server. |
7.2 | 2009-10-13 | CVE-2009-3692 | Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors. |
4.9 | 2009-08-07 | CVE-2009-2715 | Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction. |
4.9 | 2009-08-07 | CVE-2009-2714 | Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-287 | Improper Authentication |
50% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:16725 | Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 |
oval:org.mitre.oval:def:16163 | DEPRECATED: Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to ... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
60098 | Sun VirtualBox Guest Additions Kernel Memory Exhaustion Local DoS |
59685 | Sun Virtual Desktop Infrastructure (VDI) VirtualBox Web Service Unspecified R... |
58652 | Sun VirtualBox VBoxNetAdpCtl Configuration Tool Unspecified Local Privilege E... |
56893 | Sun VirtualBox sysenter Instruction Local DoS |
56810 | Sun VirtualBox Unspecified Local DoS |
ExploitDB Exploits
id | Description |
---|---|
9973 | Sun VirtualBox <= 3.0.6 privilege escalation |
OpenVAS Exploits
id | Description |
---|---|
2010-03-12 | Name : Mandriva Update for virtualbox MDVSA-2010:059 (virtualbox) File : nvt/gb_mandriva_MDVSA_2010_059.nasl |
2010-02-15 | Name : Mandriva Update for msec MDVA-2010:059 (msec) File : nvt/gb_mandriva_MDVA_2010_059.nasl |
2010-01-20 | Name : Gentoo Security Advisory GLSA 201001-04 (virtualbox-bin virtualbox-ose virtua... File : nvt/glsa_201001_04.nasl |
2009-11-26 | Name : Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Linux) File : nvt/secpod_sun_virtualbox_dos_vuln_lin.nasl |
2009-11-26 | Name : Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Win) File : nvt/secpod_sun_virtualbox_dos_vuln_win.nasl |
2009-11-20 | Name : Sun VirtualBox 'VBoxNetAdpCtl' Privilege Escalation Vulnerability File : nvt/secpod_sun_virtualbox_priv_esc_vuln_lin.nasl |
2009-10-13 | Name : FreeBSD Ports: virtualbox File : nvt/freebsd_virtualbox.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2010-03-11 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2010-059.nasl - Type: ACT_GATHER_INFO |
2010-02-25 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201001-04.nasl - Type: ACT_GATHER_INFO |
2010-02-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_0_virtualbox-ose-100126.nasl - Type: ACT_GATHER_INFO |
2010-02-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_1_virtualbox-ose-100126.nasl - Type: ACT_GATHER_INFO |
2010-02-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_2_virtualbox-ose-100121.nasl - Type: ACT_GATHER_INFO |
2009-11-17 | Name: The remote Windows host is running a set of virtualization utilities that is ... File: virtualbox_guest_additions_local_dos.nasl - Type: ACT_GATHER_INFO |
2009-10-08 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ebeed063b32811deb6a50030843d3802.nasl - Type: ACT_GATHER_INFO |
2009-08-13 | Name: The remote host is missing Sun Security Patch number 141481-03 File: solaris10_141481.nasl - Type: ACT_GATHER_INFO |
2009-08-13 | Name: The remote host is missing Sun Security Patch number 141482-03 File: solaris10_x86_141482.nasl - Type: ACT_GATHER_INFO |
2009-08-11 | Name: The remote Windows host has an application that is affected by local denial o... File: virtualbox_3_0_4.nasl - Type: ACT_GATHER_INFO |