ID CVE-2015-4856
Summary Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.30, 4.1.38, 4.2.30, 4.3.26, and 5.0.0 allows local users to affect availability via unknown vectors related to Core.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.29
    cpe:2.3:a:oracle:vm_virtualbox:4.0.29
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.37
    cpe:2.3:a:oracle:vm_virtualbox:4.1.37
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.29
    cpe:2.3:a:oracle:vm_virtualbox:4.2.29
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.25
    cpe:2.3:a:oracle:vm_virtualbox:4.3.25
CVSS
Base: 4.9 (as of 26-05-2016 - 08:38)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
NASL family Misc.
NASL id VIRTUALBOX_4_3_26.NASL
description The Oracle VM VirtualBox application installed on the remote host is a version prior to 4.0.30, 4.1.38, 4.2.30, 4.3.26, or 5.0.0. It is, therefore, affected by an unspecified flaw in the Core subcomponent. A local attacker can exploit this to cause a denial of service.
last seen 2019-02-21
modified 2018-11-07
plugin id 86567
published 2015-10-23
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=86567
title Oracle VM VirtualBox < 4.0.30 / 4.1.38 / 4.2.30 / 4.3.26 / 5.0.0 Core DoS (October 2015 CPU)
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
sectrack 1033880
Last major update 23-12-2016 - 21:59
Published 21-10-2015 - 19:59
Back to Top