ID CVE-2011-2305
Summary Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
References
Vulnerable Configurations
  • Oracle VM VirtualBox 4.0
    cpe:2.3:a:oracle:vm_virtualbox:4.0
  • Oracle VM VirtualBox 3.0
    cpe:2.3:a:oracle:vm_virtualbox:3.0
  • Oracle VM VirtualBox 3.1
    cpe:2.3:a:oracle:vm_virtualbox:3.1
  • Oracle VM VirtualBox 3.2
    cpe:2.3:a:oracle:vm_virtualbox:3.2
CVSS
Base: 6.2 (as of 19-08-2016 - 11:55)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Windows
    NASL id VIRTUALBOX_4_0_8.NASL
    description The remote host contains a version of Oracle VM VirtualBox or Sun xVM VirtualBox 3.0, 3.1, 3.2, or 4.0.x prior to 4.0.10. As such, it is reportedly affected by two vulnerabilities : - A local user can exploit a flaw in Guest Additions for Windows to gain partial elevated privileges. This issue only affects version 4.0.x. (CVE-2011-2300) - A local user can exploit an unspecified flaw to gain full control of the target system. (CVE-2011-2305)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 62798
    published 2012-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62798
    title Oracle VM VirtualBox 3.x / 4.0.x < 4.0.10 Local Integer Overflows
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201204-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201204-01 (VirtualBox: Multiple vulnerabilities) Multiple unspecified vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to gain escalated privileges via unknown attack vectors. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 59617
    published 2012-06-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59617
    title GLSA-201204-01 : VirtualBox: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_PYTHON-VIRTUALBOX-110802.NASL
    description Two privilege escalation vulnerabilities in VirtualBox have been fixed. - CVE-2011-2300: CVSS v2 Base Score: 3.7 (AV:L/AC:H/Au:N/C:P/I:P/A:P) - CVE-2011-2305: CVSS v2 Base Score: 6.2 (AV:L/AC:H/Au:N/C:C/I:C/A:C)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76004
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76004
    title openSUSE Security Update : python-virtualbox (openSUSE-SU-2011:0873-1)
oval via4
accepted 2014-02-17T04:00:09.037-05:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
definition_extensions
comment VirtualBox is installed
oval oval:org.mitre.oval:def:11581
description Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
family windows
id oval:org.mitre.oval:def:12983
status accepted
submitted 2011-10-11T15:20:33.178-04:00
title Unspecified vulnerability in Oracle VM VirtualBox
version 14
refmap via4
cert TA11-201A
confirm http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
gentoo GLSA-201204-01
sectrack 1025805
secunia 48755
Last major update 19-08-2016 - 14:30
Published 20-07-2011 - 20:55
Last modified 18-09-2017 - 21:32
Back to Top