5 matches found
Security update for virtualbox (important)
This update to virtualbox 5.0.40 fixes the following issues: These security issues were fixed bsc1034854: - CVE-2017-3513: Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Difficult to exploit vulnerability allows high privileged attacker with logon...
CVE-2017-3538
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2017-3538
CVE-2017-3538 affects Oracle VM VirtualBox (Shared Folder subcomponent). The initial description specifies affected versions: prior to 5.0.34 and prior to 5.1.16. The vulnerability can be exploited by a low-privilege user with logon to the host infrastructure, enabling unauthorized creation, dele...
KLA11028 A read/write local files vulnerability in Oracle VM Virtual Box
An unspecified vulnerability was found in Oracle VM VirtualBox. By exploiting this vulnerability low priveleged malicious users with logon to the infrastructure, where OracleVM VirtualBox is executed, can write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM...
VirtualBox: cooperating VMs can escape from shared folder (CVE-2017-3538)
There is a security issue in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole filesystem of the host, at least on Linux hosts. The issue is that, when the host checks whether a given path escapes the root...