CVE-2012-3221 - Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0,

CVE-2012-3221

Summary

Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling."

References

Vulnerable Configurations

cpe:2.3:a:oracle:virtualization:3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:virtualization:3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:virtualization:4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:virtualization:4.1:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 19-09-2017 - 01:35)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

oval via4

accepted

2014-02-17T04:00:11.249-05:00

class

vulnerability

contributors

name Sergey Artykhov
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT

definition_extensions

comment	VirtualBox is installed
oval	oval:org.mitre.oval:def:11581

description

family

windows

oval:org.mitre.oval:def:16681

status

accepted

submitted

2013-04-26T14:33:26.748+04:00

title

Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1

version

refmap via4

bid	56045
confirm	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
debian	DSA-2594
mandriva	MDVSA-2013:150
sectrack	1027666
xf	vmvirtualbox-virtualboxcore-dos(79380)

Last major update

19-09-2017 - 01:35

Published

17-10-2012 - 10:54

Last modified

19-09-2017 - 01:35