Vulnerabilities > CVE-2012-0111 - Local vulnerability in Oracle Virtualization and VM Virtualbox

047910
CVSS 3.6 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
oracle
nessus

Summary

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.

Vulnerable Configurations

Part Description Count
Application
Oracle
2

Nessus

  • NASL familyWindows
    NASL idVIRTUALBOX_4_1_8.NASL
    descriptionThe version of Oracle VM VirtualBox 4.1.x installed on the remote Windows host is earlier than version 4.1.8 and is, therefore, affected by two unspecified local vulnerabilities. These vulnerabilities take advantage of shared folders and Windows Guest Additions that a local attacker could use to access and modify data that is accessible by Oracle VM VirtualBox.
    last seen2020-06-01
    modified2020-06-02
    plugin id62901
    published2012-11-13
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62901
    titleOracle VM VirtualBox 4.1.x < 4.1.8 Unspecified Local Issues
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-696.NASL
    descriptionVirtualBox was updated to 4.1.22 stable release, bringing lots of security and also bugfixes. The 4.1.22 release is brought to all openSUSE distributions to align their versions. changes in virtualbox 4.1.22 (maintenance release) - VMM: fixed a potential host crash triggered by shutting down a VM when another VM was running - VMM: fixed a potential host crash under a high guest memory pressure (seen with Windows 8 guests) - VMM: respect RAM preallocation while restoring saved state. - VMM: fixed handling of task gates if VT-x/AMD-V is disabled - Storage: fixed audio CD passthrough for certain media players - USB: don
    last seen2020-06-05
    modified2014-06-13
    plugin id74774
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74774
    titleopenSUSE Security Update : virtualbox (openSUSE-SU-2012:1323-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201204-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201204-01 (VirtualBox: Multiple vulnerabilities) Multiple unspecified vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to gain escalated privileges via unknown attack vectors. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id59617
    published2012-06-21
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59617
    titleGLSA-201204-01 : VirtualBox: Multiple vulnerabilities

Oval

accepted2014-02-17T04:00:11.454-05:00
classvulnerability
contributors
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentVirtualBox is installed
ovaloval:org.mitre.oval:def:11581
descriptionUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.
familywindows
idoval:org.mitre.oval:def:16722
statusaccepted
submitted2013-04-26T14:33:26.748+04:00
titleUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders
version8