oval:org.mitre.oval:def:24120

Definition Id: oval:org.mitre.oval:def:24120
 
Oval ID: oval:org.mitre.oval:def:24120
Title: Vulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8 when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server (CVE-2014-0981)
Description: VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0981
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): VirtualBox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11581
 
Oval ID: oval:org.mitre.oval:def:11581
Title: VirtualBox is installed
Description: VirtualBox is installed
Family: windows Class: inventory
Reference(s): cpe:/a:oracle:xvm_virtualbox
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): VirtualBox
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24120