ID CVE-2019-2523
Summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:vm_virtualbox:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:1.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:1.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:1.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:1.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:3.2.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:3.2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.31:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.31:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.0.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.0.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.39:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.39:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.40:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.40:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.42:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.42:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.1.44:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.1.44:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.31:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.31:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.2.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.2.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.29:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.29:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.35:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.35:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:4.3.38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:4.3.38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.0.40:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.1.38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.1.38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:5.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:5.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:vm_virtualbox:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:vm_virtualbox:6.0.0:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 11-06-2019 - 22:29)
Impact:
Exploitability:
CWE CWE-284
CAPEC
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 106568
confirm http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Last major update 11-06-2019 - 22:29
Published 16-01-2019 - 19:30
Back to Top