Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10630
HistoryJul 14, 2015 - 12:00 a.m.

KLA10630 Multiple vulnerabilities in Oracle VM VirtualBox

2015-07-1400:00:00
Kaspersky Lab
threats.kaspersky.com
48

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

7.3 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON

An unspecified vulnerabilities were found in Oracle VM VirtualBox. By exploiting these vulnerabilities malicious users can affect integrity, cause denial of service and obtain sensitive information. These vulnerabilities can be exploited locally via an unknown vectors.

Original advisories

Oracle bulletin

Related products

Oracle-VirtualBox

CVE list

CVE-2014-3571 warning

CVE-2015-1803 critical

CVE-2015-0286 warning

CVE-2015-0255 high

CVE-2014-0227 high

CVE-2010-1324 warning

CVE-2014-8102 high

CVE-2014-0230 critical

CVE-2015-4727 critical

CVE-2015-2581 high

CVE-2015-2594 high

Solution

Update to the latest version

Get VirtualBox

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.

Affected Products

  • Oracle VM VirtualBox 4.0 versions earlier than 4.0.32Oracle VM VirtualBox 4.1 versions earlier than 4.1.40Oracle VM VirtualBox 4.2 versions earlier than 4.2.32Oracle VM VirtualBox 4.3 versions earlier than 4.3.30

Related

nessus 37
tomcat 3
ibm 21
openvas 39
ubuntu 2
osv 5
debian 4
cvelist 9
ubuntucve 8
nvd 9
debiancve 8
cve 10
veracode 5
prion 10
freebsd 3
oraclelinux 3
centos 1
mageia 2
redhat 3
github 1
securityvulns 5
f5 6
amazon 1
archlinux 1
myhack58 1
openssl 1
checkpoint_advisories 1
nessus
nessus
Oracle Secure Global Desktop Multiple Vulnerabilities (July 2015 CPU)
2015-07-16 00:00:00
Apache Tomcat 8.0.0-RC1 < 8.0.9 multiple vulnerabilities
2015-03-01 00:00:00
Apache Tomcat 7.0.0 < 7.0.55 multiple vulnerabilities
2014-09-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 8.0.9
2014-06-24 00:00:00
Fixed in Apache Tomcat 7.0.55
2014-07-27 00:00:00
Fixed in Apache Tomcat 6.0.43
2014-11-22 00:00:00
ibm
ibm
Security Bulletin: Apache Tomcat vulnerabilities affect IBM SAN Volume Controller and Storwize Family (CVE-2014-0227 CVE-2014-0230)
2023-03-29 01:48:02
Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2014-0230, CVE-2014-7810,CVE-2014-0227)
2018-06-15 07:03:18
Security Bulletin: Multiple security vulnerabilities in Open Source Apache Tomcat affect IBM Cognos Business Viewpoint (CVE-2014-0227, CVE-2014-0230, CVE-2014-7810)
2020-02-13 23:52:21
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1337-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-2655-1)
2015-06-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1565-1)
2021-06-09 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2015-06-25 00:00:00
Tomcat vulnerabilities
2015-06-25 00:00:00
osv
osv
tomcat6 - security update
2015-05-28 00:00:00
virtualbox - security update
2015-09-13 00:00:00
Improper Input Validation in Apache Tomcat
2022-05-14 01:10:18
debian
debian
[SECURITY] [DLA 232-1] tomcat6 security update
2015-05-28 19:25:54
[SECURITY] [DSA 3359-1] virtualbox security update
2015-09-13 19:47:32
[SECURITY] [DSA 3160-1] xorg-server security update
2015-02-11 17:23:14
cvelist
cvelist
CVE-2015-4727
2015-07-16 10:00:00
CVE-2014-8102
2014-12-10 15:00:00
CVE-2010-1324
2010-12-02 16:00:00
ubuntucve
ubuntucve
CVE-2014-8102
2014-12-09 00:00:00
CVE-2015-2594
2015-07-16 00:00:00
CVE-2015-1803
2015-03-18 00:00:00
nvd
nvd
CVE-2014-8102
2014-12-10 15:59:14
CVE-2015-4727
2015-07-16 11:00:24
CVE-2010-1324
2010-12-02 16:22:20
debiancve
debiancve
CVE-2015-2594
2015-07-16 10:59:20
CVE-2014-8102
2014-12-10 15:59:14
CVE-2010-1324
2010-12-02 16:22:20
cve
cve
CVE-2015-2594
2015-07-16 10:59:20
CVE-2015-4727
2015-07-16 11:00:24
CVE-2014-8102
2014-12-10 15:59:14
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:05:57
Denial Of Service (DoS) Memory Consumption
2019-01-15 09:03:54
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-06 06:41:02
prion
prion
Code injection
2010-12-02 16:22:00
Out-of-bounds
2014-12-10 15:59:00
Design/Logic Flaw
2015-07-16 10:59:00
freebsd
freebsd
krb5 -- unkeyed PAC checksum handling vulnerability
2010-11-30 00:00:00
krb5 -- multiple checksum handling vulnerabilities
2010-11-30 00:00:00
xorg-server -- Information leak in the XkbSetGeometry request of X servers.
2015-02-10 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security update
2015-04-09 00:00:00
tomcat security update
2015-05-12 00:00:00
tomcat6 security and bug fix update
2015-05-12 00:00:00
centos
centos
xorg security update
2015-04-10 12:06:39
mageia
mageia
Updated x11-server packages fix CVE-2015-0255
2015-02-17 21:38:13
Updated tomcat packages fix CVE-2014-0227
2015-02-19 19:37:50
redhat
redhat
(RHSA-2015:0797) Moderate: xorg-x11-server security update
2015-04-10 00:00:00
(RHSA-2015:0983) Moderate: tomcat security update
2015-05-12 00:00:00
(RHSA-2015:0991) Moderate: tomcat6 security and bug fix update
2015-05-12 00:00:00
github
github
Uncontrolled Resource Consumption in Apache Tomcat
2022-05-14 01:10:18
securityvulns
securityvulns
Apache Tomcar request spoofing
2015-02-23 00:00:00
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling
2015-02-23 00:00:00
[SECURITY] CVE-2014-0230: Apache Tomcat DoS
2015-05-11 00:00:00
f5
f5
K16344 : Apache Tomcat vulnerability CVE-2014-0227
2015-09-16 00:00:00
K16123 : OpenSSL vulnerability CVE-2014-3571
2015-09-18 00:00:00
SOL16123 - OpenSSL vulnerability CVE-2014-3571
2015-02-11 00:00:00
amazon
amazon
Medium: xorg-x11-server
2015-05-05 15:55:00
archlinux
archlinux
tomcat6: denial of service
2015-05-13 00:00:00
myhack58
myhack58
Apache Tomcat denial of service vulnerability(CVE-2 0 1 4-0 2 3 0)-vulnerability warning-the black bar safety net
2015-05-11 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-3571
2015-01-05 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL DTLS dtls1_get_record Segmentation Fault Denial of Service (CVE-2014-3571)
2015-01-14 00:00:00

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

7.3 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON
Related for KLA10630
nessus37tomcat3ibm21openvas39ubuntu2osv5debian4cvelist9ubuntucve8nvd9debiancve8cve10veracode5prion10freebsd3oraclelinux3centos1mageia2redhat3github1securityvulns5f56amazon1archlinux1myhack581openssl1checkpoint_advisories1