KLA10888Multiple vulnerabilities in Oracle VM VirtualBox

2016-10-19T00:00:00
ID KLA10888
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-11-15T00:00:00

Description

CVSS:

7.8

Detect date:

10/19/2016

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.

Affected products:

Oracle VM VirtualBox versions earlier than 5.0.28
Oracle VM VirtualBox 5.1 versions earlier than 5.1.8

Solution:

Update to the latest version
Oracle VM VirtualBox download page

Original advisories:

Oracle bulletin

Impacts:

OSI

Related products:

Oracle VirtualBox

CVE-IDS:

CVE-2016-5605
CVE-2016-5501
CVE-2016-5610
CVE-2016-5538
CVE-2016-5608
CVE-2016-5611
CVE-2016-5613
CVE-2016-6304