Lucene search
K

4 matches found

Circl
Circl
added 2008/08/10 12:0 a.m.27 views

CVE-2008-3431

creationtimestamp| type| source ---|---|--- 2008-08-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6218 2020-06-17 19:20:47+00:00| seen| MISP/5eea648c-6088-4f01-bf29-6af3ac13a7a7 2020-06-22 13:30:58+00:00| seen| https://t.me/cyberbannewsir/909 2020-10-09 13:47:08+00:00| seen|...

8.8CVSS6.7AI score0.06932EPSS
Exploits8References7
Vulnrichment
Vulnrichment
added 2008/08/05 7:20 p.m.8 views

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

8.4AI score0.06932EPSS
Exploits8References11
CVE
CVE
added 2008/08/05 7:20 p.m.1041 views

CVE-2008-3431

CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....

8.8CVSS7.5AI score0.06932EPSS
In wildExploits8References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/08/05 12:0 a.m.62 views

Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation

The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHODNEITHER'...

8.8CVSS7AI score0.06932EPSS
Exploits8References4
Rows per page
Query Builder