- Home
- CVEs with nessus.description==The version of the Oracle VM VirtualBox application installed on the
remote host is 5.0.x prior to 5.0.28 or 5.1.x prior to 5.1.8. It is,
therefore, affected by multiple vulnerabilities :
- Multiple unspecified flaws exist in the Core
subcomponent that allow a local attacker to gain
elevated privileges. (CVE-2016-5501, CVE-2016-5538)
- An unspecified flaw exists in the VirtualBox Remote
Desktop Extension (VRDE) subcomponent that allows an
unauthenticated, remote attacker to impact
confidentiality and integrity. (CVE-2016-5605)
- Multiple unspecified flaws exist in the Core
subcomponent that allow a local attacker to cause a
denial of service condition. (CVE-2016-5608,
CVE-2016-5613)
- An unspecified flaw exists in the Core subcomponent that
allows a local attacker to impact on integrity and
availability. (CVE-2016-5610)
- An unspecified flaw exists in the Core subcomponent that
allows a local attacker to disclose sensitive
information. (CVE-2016-5611)
- A flaw exists in the OpenSSL subcomponent, specifically
within the ssl_parse_clienthello_tlsext() function in
t1_lib.c due, to improper handling of overly large OCSP
Status Request extensions from clients. An
unauthenticated, remote attacker can exploit this, via
large OCSP Status Request extensions, to exhaust memory
resources, resulting in a denial of service condition.
(CVE-2016-6304)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top