4 matches found
CVE-2008-3431
creationtimestamp| type| source ---|---|--- 2008-08-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6218 2020-06-17 19:20:47+00:00| seen| MISP/5eea648c-6088-4f01-bf29-6af3ac13a7a7 2020-06-22 13:30:58+00:00| seen| https://t.me/cyberbannewsir/909 2020-10-09 13:47:08+00:00| seen|...
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
CVE-2008-3431
CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....
Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation
The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHODNEITHER'...