ID CVE-2014-0981
Summary VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.
References
Vulnerable Configurations
  • Oracle VM VirtualBox 4.2.0
    cpe:2.3:a:oracle:vm_virtualbox:4.2.0
  • Oracle VM VirtualBox 4.2.2
    cpe:2.3:a:oracle:vm_virtualbox:4.2.2
  • Oracle VM VirtualBox 4.2.4
    cpe:2.3:a:oracle:vm_virtualbox:4.2.4
  • Oracle VM VirtualBox 4.2.6
    cpe:2.3:a:oracle:vm_virtualbox:4.2.6
  • Oracle VM VirtualBox 4.2.8
    cpe:2.3:a:oracle:vm_virtualbox:4.2.8
  • Oracle VM VirtualBox 4.2.10
    cpe:2.3:a:oracle:vm_virtualbox:4.2.10
  • Oracle VM VirtualBox 4.2.12
    cpe:2.3:a:oracle:vm_virtualbox:4.2.12
  • Oracle VM VirtualBox 4.2.14
    cpe:2.3:a:oracle:vm_virtualbox:4.2.14
  • Oracle VM VirtualBox 4.2.16
    cpe:2.3:a:oracle:vm_virtualbox:4.2.16
  • Oracle VM VirtualBox 4.2.18
    cpe:2.3:a:oracle:vm_virtualbox:4.2.18
  • Oracle VM VirtualBox 4.2.20
    cpe:2.3:a:oracle:vm_virtualbox:4.2.20
  • Oracle VM VirtualBox 4.3.0
    cpe:2.3:a:oracle:vm_virtualbox:4.3.0
  • Oracle VM VirtualBox 4.3.2
    cpe:2.3:a:oracle:vm_virtualbox:4.3.2
  • Oracle VM VirtualBox 4.3.4
    cpe:2.3:a:oracle:vm_virtualbox:4.3.4
  • Oracle VM VirtualBox 4.3.6
    cpe:2.3:a:oracle:vm_virtualbox:4.3.6
CVSS
Base: 4.4 (as of 31-03-2014 - 13:54)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities. CVE-2014-0981,CVE-2014-0982,CVE-2014-0983. Dos exploits for multiple platform
file exploits/multiple/dos/32208.txt
id EDB-ID:32208
last seen 2016-02-03
modified 2014-03-12
platform multiple
port
published 2014-03-12
reporter Core Security
source https://www.exploit-db.com/download/32208/
title Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
type dos
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2904.NASL
    description Francisco Falcon discovered that missing input sanitizing in the 3D acceleration code in VirtualBox could lead to the execution of arbitrary code on the host system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73534
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73534
    title Debian DSA-2904-1 : virtualbox - security update
  • NASL family Windows
    NASL id VIRTUALBOX_4_3_8.NASL
    description The remote host contains a version of Oracle VM VirtualBox that is 3.2.x prior to 3.2.22, 4.0.24, 4.1.32, 4.2.24 or 4.3.8. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists in the function 'crNetRecvReadback' in the file 'GuestHost/OpenGL/util/net.c' related to handling CR_MESSAGE_READBACK and CR_MESSAGE_WRITEBACK messages that could allow memory corruption leading to application crashes and possibly arbitrary code execution. (CVE-2014-0981) - An input validation error exists related to the Chromium server and the handling of CR_VERTEXATTRIB4NUBARB_OPCODE messages that could allow memory corruption leading to application crashes and possibly arbitrary code execution. (CVE-2014-0983)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 72985
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72985
    title Oracle VM VirtualBox < 3.2.22 / 4.0.24 / 4.1.32 / 4.2.24 / 4.3.8 Multiple Memory Corruption
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201612-27.NASL
    description The remote host is affected by the vulnerability described in GLSA-201612-27 (VirtualBox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact : Local attackers could cause a Denial of Service condition, execute arbitrary code, or escalate their privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 95695
    published 2016-12-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95695
    title GLSA-201612-27 : VirtualBox: Multiple vulnerabilities (Venom)
packetstorm via4
data source https://packetstormsecurity.com/files/download/125660/CORE-2014-0002.txt
id PACKETSTORM:125660
last seen 2016-12-05
published 2014-03-11
reporter Core Security Technologies
source https://packetstormsecurity.com/files/125660/Oracle-VirtualBox-3D-Acceleration-Memory-Corruption.html
title Oracle VirtualBox 3D Acceleration Memory Corruption
refmap via4
bugtraq 20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities
confirm
debian DSA-2904
fulldisc 20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities
gentoo GLSA-201612-27
misc http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
secunia 57384
Last major update 24-04-2014 - 01:04
Published 31-03-2014 - 10:58
Last modified 09-10-2018 - 15:42
Back to Top