7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
15.9%
10/19/2017
Warning
Multiple serious vulnerabilities have been found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information.
Oracle Virtual Box versions earlier than 5.1.30
Update to the latest version
Download Oracle Virtual Box
Oracle Critical Patch Update Advisory
OSI
CVE-2017-103924.3Warning
CVE-2017-104074.3Warning
CVE-2017-104084.3Warning
CVE-2017-104284.1Warning
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10392
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10428
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-VirtualBox/
www.virtualbox.org/wiki/Download_Old_Builds_5_1
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
15.9%