{"vulnerability": "CVE-2008-3431", "sightings": [{"uuid": "008201b1-221b-42e9-9d1c-05396781f9d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "MISP/5eea648c-6088-4f01-bf29-6af3ac13a7a7", "content": "", "creation_timestamp": "2020-06-17T19:20:47.000000Z"}, {"uuid": "d2937979-fa32-4460-bb3b-00dd58bf92c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "MISP/172725f6-b2e2-44cc-a014-e6d9231ecccc", "content": "", "creation_timestamp": "2020-10-09T13:47:08.000000Z"}, {"uuid": "81c0c66f-cc23-4506-af39-9c2671be27be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:02.000000Z"}, {"uuid": "5d65219b-99a0-4c30-9826-7b91571510a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971271", "content": "", "creation_timestamp": "2024-12-24T20:26:49.149465Z"}, {"uuid": "3effc632-5f0f-4c5d-8548-4958878eb868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2008-3431", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/56c4257c-a22d-4d10-a1de-0370b0cf2018", "content": "", "creation_timestamp": "2026-02-02T12:28:21.596636Z"}, {"uuid": "f2d7873a-ad15-43ee-a2aa-611340893acc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:59.000000Z"}, {"uuid": "f9b46919-de83-4c55-b848-616aa66f661c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "MISP/5eea648c-6088-4f01-bf29-6af3ac13a7a7", "content": "", "creation_timestamp": "2025-04-14T05:55:19.000000Z"}, {"uuid": "2bb3e1f5-770e-4b84-a32f-bc0f59b2faa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "Telegram/7VWqqfDgMpYZpbxh-pRRgCPKBktaAGT14vVMSbfdq8H3BZrw", "content": "", "creation_timestamp": "2025-02-14T10:00:30.000000Z"}, {"uuid": "f62a8d74-f74a-4b33-b827-890310a0797e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "db99543d-496c-4eef-ad0a-2df2093364df", "vulnerability": "CVE-2008-3431", "type": "confirmed", "source": "https://www.exploit-db.com/exploits/6218", "content": "", "creation_timestamp": "2008-08-10T00:00:00.000000Z"}, {"uuid": "07e243a2-98b1-44e0-9b68-0f2565372478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "https://t.me/cyberbannews_ir/909", "content": "\u200d \ud83d\uded1\u062d\u0645\u0644\u0647 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0647 \u0628\u0631\u062e\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u0631\u0648\u0633\u06cc\u0647\n\n\u0647\u06a9\u0631\u0647\u0627 \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u06cc\u06a9 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u067e\u06cc\u0686\u06cc\u062f\u0647 \u062f\u0648 \u0633\u0627\u0632\u0645\u0627\u0646 \u0631\u0648\u0633\u06cc\u0647 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631\u062f\u0627\u062f\u0646\u062f.\n\n\u0628\u0647 \u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0631\u06af\u0631\u0648\u0647 \u062d\u0645\u0644\u0627\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0633\u0627\u06cc\u0628\u0631\u0628\u0627\u0646\u061b \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0634\u0631\u06a9\u062a \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u067e\u0627\u0644\u0648\u0622\u0644\u062a\u0648\u0646\u062a\u0648\u0631\u06a9 (Palo Alto Networks) \u0628\u0627 \u0627\u0646\u062a\u0634\u0627\u0631 \u06af\u0632\u0627\u0631\u0634\u06cc \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0646\u062f \u0647\u06a9\u0631\u0647\u0627 \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u06cc\u06a9 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u067e\u06cc\u0686\u06cc\u062f\u0647 \u062f\u0648 \u0633\u0627\u0632\u0645\u0627\u0646 \u0631\u0648\u0633\u06cc\u0647 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f. \n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a\u060c \u0628\u062f\u0627\u0641\u0632\u0627\u0631\u06cc \u06a9\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0622\u0646 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0647\u200c\u0627\u0646\u062f\u060c \u00abAcidBox\u00bb \u0646\u0627\u0645 \u062f\u0627\u0631\u062f \u0648 \u0627\u062d\u062a\u0645\u0627\u0644 \u0645\u06cc\u200c\u0631\u0648\u062f \u0628\u062e\u0634\u06cc \u0627\u0632 \u0645\u062c\u0645\u0648\u0639\u0647 \u0628\u0632\u0631\u06af\u06cc \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0647\u06a9 \u0628\u0627\u0634\u062f. \u06af\u0631\u0648\u0647\u06cc \u06a9\u0647 \u0627\u06cc\u0646 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0648\u0633\u0639\u0647 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a\u060c \u0641\u0639\u0627\u0644 \u0628\u0648\u062f\u0647 \u0648 \u062d\u0645\u0644\u0627\u062a \u0647\u062f\u0641\u0645\u0646\u062f \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u062f\u0647\u062f. \n\n\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u062f\u0631 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u067e\u06cc\u0634\u062a\u0631 \u06af\u0631\u0648\u0647 \u062a\u0648\u0631\u0644\u0627 (Turla) \u0627\u0632 \u0622\u0646 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0647 \u0627\u0633\u062a. \u062e\u0627\u0633\u062a\u06af\u0627\u0647 \u0627\u06cc\u0646 \u06af\u0631\u0648\u0647 \u06a9\u0647 \u0628\u0647 \u0646\u0627\u0645\u200c\u0647\u0627\u06cc \u00abWaterbug\u00bb \u060c\u00abVenomous Bear\u00bb \u0648 \u00abKRYPTON\u00bb \u0646\u06cc\u0632 \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f\u060c \u0627\u0632 \u0633\u0648\u06cc \u0633\u0631\u0648\u06cc\u0633 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062e\u0627\u0631\u062c\u06cc \u0627\u0633\u062a\u0648\u0646\u06cc\u060c \u0631\u0648\u0633\u06cc\u0647 \u0645\u0639\u0631\u0641\u06cc\u200c\u0634\u062f\u0647 \u0627\u0633\u062a. \n\n\u0637\u0628\u0642 \u06af\u0632\u0627\u0631\u0634 \u067e\u0627\u0644\u0648\u0622\u0644\u062a\u0648\u0646\u062a\u0648\u0631\u06a9\u060c \u062a\u0648\u0631\u0644\u0627 \u0627\u0648\u0644\u06cc\u0646 \u06af\u0631\u0648\u0647\u06cc \u0628\u0648\u062f \u06a9\u0647 \u062a\u0648\u0627\u0646\u0633\u062a \u0628\u0627 \u0628\u0647\u0631\u0647\u200c\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062f\u0631\u0627\u06cc\u0648\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b\u060c \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0627\u0645\u0636\u0627\u06cc \u062f\u0631\u0627\u06cc\u0648\u0631\u0647\u0627 (DSE) \u0631\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u0633\u0627\u0632\u062f. \u0627\u06cc\u0646 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0627\u0645\u06a9\u0627\u0646 \u0646\u0635\u0628 \u062f\u0631\u0627\u06cc\u0648\u0631\u0647\u0627\u06cc\u06cc \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u062a\u0648\u0633\u0637 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062a\u0623\u06cc\u06cc\u062f\u0634\u062f\u0647\u200c\u0627\u0646\u062f \u0648 \u0627\u0632 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u062f\u0631\u0627\u06cc\u0648\u0631\u0647\u0627\u06cc \u0627\u0645\u0636\u0627 \u0646\u0634\u062f\u0647 \u062f\u0631 \u0647\u0633\u062a\u0647 \u0645\u0631\u06a9\u0632\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f. \n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0627\u06cc \u06a9\u0647 \u062a\u0648\u0631\u0644\u0627 \u0627\u0632 \u0622\u0646 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2008-3431\u00bb \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0648 \u0647\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u062f\u0631\u0627\u06cc\u0648\u0631 \u0648\u06cc\u0631\u0686\u0648\u0627\u0644 \u0628\u0627\u06a9\u0633 (VBoxDrv.sys v1.6.2) \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u06cc\u0646 \u0627\u0645\u06a9\u0627\u0646 \u0631\u0627 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u062a\u0623\u06cc\u06cc\u062f\u06cc\u0647 \u0627\u0645\u0636\u0627\u06cc \u062f\u0631\u0627\u06cc\u0648\u0631\u0647\u0627 \u0631\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u0633\u0627\u0632\u0646\u062f. \u062d\u0645\u0644\u0647 \u0628\u0647 \u062f\u0648 \u0633\u0627\u0632\u0645\u0627\u0646 \u0631\u0648\u0633\u06cc\u0647 \u0646\u06cc\u0632 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0647\u0645\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0646\u062c\u0627\u0645\u200c\u0634\u062f\u0647 \u0627\u0633\u062a.  \n\n#\u062d\u0645\u0644\u0647_\u0633\u0627\u06cc\u0628\u0631\u06cc \n#\u0631\u0648\u0633\u06cc\u0647\n\n@cyberbannews_ir", "creation_timestamp": "2020-06-22T13:30:58.000000Z"}, {"uuid": "2c3d6239-1bd1-44ae-bb41-f397d80d65fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2008-3431", "type": "seen", "source": "https://t.me/arpsyndicate/1376", "content": "#ExploitObserverAlert\n\nCVE-2008-3431\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2008-3431. The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\\\.\\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.\n\nFIRST-EPSS: 0.000430000\nNVD-IS: 10.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T03:12:09.000000Z"}]}