Lucene search
AnonymousZDI-18-689HistoryJul 18, 2018 - 12:00 a.m.
Oracle VirtualBox crUnpackTexImage2D Untrusted Pointer Dereference Privilege Escalation Vulnerability
2018-07-1800:00:00
Anonymous
www.zerodayinitiative.com
6
0.001 Low
EPSS
Percentile
35.5%
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the crUnpackTexImage2D method. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code under the context of the hypervisor.
Related
cvelist
cvelist
CVE-2018-3089
2018-07-18 13:00:00
cve
cve
CVE-2018-3089
2018-07-18 13:29:08
prion
prion
Buffer overflow
2018-07-18 13:29:00
nvd
nvd
CVE-2018-3089
2018-07-18 13:29:08
ubuntucve
ubuntucve
CVE-2018-3089
2018-07-18 00:00:00
debiancve
debiancve
CVE-2018-3089
2018-07-18 13:29:08
openvas
openvas
Oracle VirtualBox Security Updates (jul2018-4258247) - Linux
2018-07-18 00:00:00
Oracle VirtualBox Security Updates (jul2018-4258247) - Mac OS X
2018-07-18 00:00:00
Oracle VirtualBox Security Updates (jul2018-4258247) - Windows
2018-07-18 00:00:00
nessus
nessus
openSUSE Security Update : virtualbox (openSUSE-2019-586)
2019-03-27 00:00:00
openSUSE Security Update : virtualbox (openSUSE-2018-853)
2018-08-10 00:00:00
Oracle VM VirtualBox < 5.2.16 Multiple Vulnerabilities (July 2018 CPU)
2018-07-20 00:00:00
kaspersky
kaspersky
KLA11295 Multiple vulnerabilities in Oracle Virtual Box
2018-07-17 00:00:00
suse
suse
Security update for virtualbox (important)
2018-08-10 03:15:50
Security update for kbuild, virtualbox (important)
2018-08-27 00:07:57
mageia
mageia
Updated virtualbox packages fix security vulnerabilities
2018-09-01 00:11:59
oracle
oracle
CPU July 2018
2018-07-17 00:00:00