Lucene search

[email protected]CVE-2014-6589

HistoryJan 21, 2015 - 3:28 p.m.

CVE-2014-6589

2015-01-2115:28:26

[email protected]

web.nvd.nist.gov

cve-2014-6589

oracle virtualization

virtualbox

local users

integrity

availability

vmsvga

virtual graphics device

nvd

3.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:P/A:P

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.5%

JSON

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427.

Affected configurations

NVD

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

oraclevm_virtualboxRange≤4.3.18

CPENameOperatorVersion
opensuse:opensuseopensuseeq13.1
opensuse:opensuseopensuseeq13.2

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	13.1
opensuse:opensuse	opensuse	eq	13.2

References

lists.opensuse.org/opensuse-updates/2015-02/msg00030.html

www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

security.gentoo.org/glsa/201612-27

3.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:P/A:P

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.5%

JSON

Related for CVE-2014-6589

debiancve5 prion5 ubuntucve5 cve4 nvd5 openvas3 cvelist5 nessus3 myhack581 gentoo1 securityvulns1 oracle1