6978 matches found
Oracle VirtualBox crServerDispatchGenProgramsARB Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox crServerDispatchGenFramebuffersEXT Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox crServerDispatchGenBuffersARB Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox crServerDispatchAreTexturesResident Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox Security Updates (oct2018-4428296) 02 - Linux
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
Oracle VirtualBox Security Updates (oct2018-4428296) - Windows
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
Oracle VirtualBox Security Updates (oct2018-4428296) 03 - Mac OS X
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
Injecting Code into Windows Protected Processes using COM - Part 1
Posted by James Forshaw, Google Project Zero At Recon Montreal 2018 I presented “Unknown Known DLLs and other Code Integrity Trust Violations” with Alex Ionescu. We described the implementation of Microsoft Windows’ Code Integrity mechanisms and how Microsoft implemented Protected Processes PP. A...
Oracle VirtualBox crUnpackExtendAreProgramsResidentNV Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
Oracle VirtualBox crUnpackExtendAreTexturesResident Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
Oracle VirtualBox crServerDispatchGetAttachedObjectsARB Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox crServerDispatchGetAttachedShaders Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox Manager 'Name Attribute' Denial of Service Vulnerability
Oracle VirtualBox Manager is a virtualization management tool from Oracle. A denial of service vulnerability exists in Oracle VirtualBox Manager 'Name Attribute', which can be exploited by attackers to cause a system crash...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service (PoC)
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service PoC Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Oracle VirtualBox Manager 5.2.18 r124319 Denial Of Service
Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
VirtualBox 5.2.6.r120293 - VM Escape Exploit
Exploit for linux platform in category local exploits Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBV...
3dpwn
VirtualBox 3D PoCs & exploits Author: @niklasbhttps://t...
Updated virtualbox packages fix security vulnerabilities
This update provides the virtualbox 5.1.18 maintenance release that fixes at least the following security issues: Fixed an easily exploitable vulnerability that allowed unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox...