RedosROS-20240723-05ROS-20240723-05
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an insecure privilege management vulnerability.
insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate their
privileges
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to the use of memory after its release.
memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to disclose
protected information
Vulnerability of the Core component of Oracle VM VirtualBox virtualization software tool is related to errors
during variable initialization. Exploitation of the vulnerability could allow an attacker to elevate their
privileges
Vulnerability of the Core component of Oracle VM VirtualBox virtualization software tool is related to writing outside the buffer boundaries in memory.
buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to escalate privileges
Vulnerability of Core component of Oracle VM VirtualBox virtualization software tool is related to
access control weaknesses. Exploitation of the vulnerability could allow an attacker to escalate their privileges.
privileges
Vulnerability of Core component of Oracle VM VirtualBox virtualization software tool is related to
insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized privileges.
remotely, gain unauthorized access to protected information using HTTP network protocol.
A vulnerability in the Core component of Oracle VM VirtualBox virtualization software is related to
insufficient verification of input data. Exploitation of the vulnerability could allow an intruder to disclose
protected information
Vulnerability of Core component of Oracle VM VirtualBox virtualization software tool is related to
Insufficient input data validation. Exploitation of the vulnerability could allow an attacker to cause a
denial of service
Vulnerability in Core component of Oracle VM VirtualBox virtualization software tool is related to
Buffer copying without input data size validation. Exploitation of the vulnerability could allow
an attacker to execute arbitrary code and escalate privileges
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is associated with an
An uncontrolled search path element. Exploitation of the vulnerability could allow an attacker to have an impact on the confidentiality, integrity, and privilege.
impact confidentiality, integrity and availability of protected information
Vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to errors
in input data processing. Exploitation of the vulnerability could allow an attacker to execute arbitrary
code
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| redos | 7.3 | x86_64 | virtualbox | < 7.0.18-1 | UNKNOWN |
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low