Lucene search

K

[email protected]NVD:CVE-2014-2487

HistoryJul 17, 2014 - 5:10 a.m.

CVE-2014-2487

2014-07-1705:10:14

[email protected]

web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

5.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.3%

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-4261.

Affected configurations

NVD

Node

oraclevm_virtualboxRange3.2.0–3.2.24

OR

oraclevm_virtualboxRange4.0–4.0.26

OR

oraclevm_virtualboxRange4.1.0–4.1.34

OR

oraclevm_virtualboxRange4.2.0–4.2.26

OR

oraclevm_virtualboxRange4.3.0–4.3.14

AND

microsoftwindows

References

seclists.org/fulldisclosure/2014/Dec/23

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.vmware.com/security/advisories/VMSA-2014-0012.html

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

5.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.3%

Related for NVD:CVE-2014-2487

openvas1 cve2 nvd1 ubuntucve2 debiancve2 cvelist2 prion2 kaspersky1 nessus1 securityvulns1 oracle1