9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.458 Medium
EPSS
Percentile
97.4%
10/19/2016
Critical
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.
Oracle VM VirtualBox versions earlier than 5.0.28
Oracle VM VirtualBox 5.1 versions earlier than 5.1.8
Update to the latest version
Oracle VM VirtualBox download page
OSI
CVE-2016-56056.4High
CVE-2016-55017.2High
CVE-2016-56104.6Warning
CVE-2016-55387.2High
CVE-2016-56082.1Warning
CVE-2016-56112.1Warning
CVE-2016-56132.1Warning
CVE-2016-63047.8Critical
www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-VirtualBox/
www.virtualbox.org/wiki/Downloads
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.458 Medium
EPSS
Percentile
97.4%