8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
46.2%
07/17/2018
Critical
Multiple serious vulnerabilities were found in Virtual Box. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read local files.
Oracle Virtual Box versions earlier than 5.2.16
Update to the latest version
Download Oracle Virtual Box
Oracle Critical Patch Update Advisory – July 2018
DoS
CVE-2018-30864.4Warning
CVE-2018-30874.4Warning
CVE-2018-30884.4Warning
CVE-2018-30894.4Warning
CVE-2018-30904.4Warning
CVE-2018-30854.4Warning
CVE-2018-30553.3Warning
CVE-2018-30911.9Warning
CVE-2018-30052.1Warning
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixOVIR
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3085
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3088
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3089
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3091
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-VirtualBox/
www.virtualbox.org/wiki/Downloads
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
46.2%