Vulnerabilities > CVE-2014-4228 - Local Security vulnerability in Oracle VM VirtualBox

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

oracle

nessus

NVD

Published: 2014-07-17

Updated: 2018-10-09

Summary

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle VM Virtualbox 4.1.0 Oracle VM Virtualbox 4.1.2 Oracle VM Virtualbox 4.1.4 Oracle VM Virtualbox 4.1.6 Oracle VM Virtualbox 4.1.8 Oracle VM Virtualbox 4.1.10 Oracle VM Virtualbox 4.1.12 Oracle VM Virtualbox 4.1.14 Oracle VM Virtualbox 4.1.16 Oracle VM Virtualbox 4.1.18 Oracle VM Virtualbox 4.1.20 Oracle VM Virtualbox 4.1.22 Oracle VM Virtualbox 4.1.24 Oracle VM Virtualbox 4.1.26 Oracle VM Virtualbox 4.1.28 Oracle VM Virtualbox 4.1.30 Oracle VM Virtualbox 1.6 Oracle VM Virtualbox 1.6.0 Oracle VM Virtualbox 1.6.2 Oracle VM Virtualbox 1.6.4 Oracle VM Virtualbox 1.6.6 Oracle VM Virtualbox 2.0 Oracle VM Virtualbox 2.0.0 Oracle VM Virtualbox 2.0.2 Oracle VM Virtualbox 2.0.4 Oracle VM Virtualbox 2.0.6 Oracle VM Virtualbox 2.0.8 Oracle VM Virtualbox 2.0.10 Oracle VM Virtualbox 2.0.12 Oracle VM Virtualbox 2.1 Oracle VM Virtualbox 2.1.0 Oracle VM Virtualbox 2.1.2 Oracle VM Virtualbox 2.1.4 Oracle VM Virtualbox 2.2 Oracle VM Virtualbox 2.2.0 Oracle VM Virtualbox 2.2.2 Oracle VM Virtualbox 2.2.4 Oracle VM Virtualbox 3.0 Oracle VM Virtualbox 3.0.0 Oracle VM Virtualbox 3.0.2 Oracle VM Virtualbox 3.0.4 Oracle VM Virtualbox 3.0.6 Oracle VM Virtualbox 3.0.8 Oracle VM Virtualbox 3.0.10 Oracle VM Virtualbox 3.0.12 Oracle VM Virtualbox 3.0.14 Oracle VM Virtualbox 3.1 Oracle VM Virtualbox 3.1.0 Oracle VM Virtualbox 3.1.2 Oracle VM Virtualbox 3.1.4 Oracle VM Virtualbox 3.1.6 Oracle VM Virtualbox 3.1.8 Oracle VM Virtualbox 3.2 Oracle VM Virtualbox 3.2.0 Oracle VM Virtualbox 3.2.2 Oracle VM Virtualbox 3.2.4 Oracle VM Virtualbox 3.2.6 Oracle VM Virtualbox 3.2.8 Oracle VM Virtualbox 3.2.10 Oracle VM Virtualbox 3.2.12 Oracle VM Virtualbox 3.2.14 Oracle VM Virtualbox 3.2.16 Oracle VM Virtualbox 3.2.18 Oracle VM Virtualbox 3.2.20 Oracle VM Virtualbox 3.2.22 Oracle VM Virtualbox 3.2.24 Oracle VM Virtualbox 4.0 Oracle VM Virtualbox 4.0.0 Oracle VM Virtualbox 4.0.2 Oracle VM Virtualbox 4.0.4 Oracle VM Virtualbox 4.0.6 Oracle VM Virtualbox 4.0.8 Oracle VM Virtualbox 4.0.10 Oracle VM Virtualbox 4.0.12 Oracle VM Virtualbox 4.0.14 Oracle VM Virtualbox 4.0.16 Oracle VM Virtualbox 4.0.18 Oracle VM Virtualbox 4.0.20 Oracle VM Virtualbox 4.0.22 Oracle VM Virtualbox 4.0.24 Oracle VM Virtualbox 4.0.26 Oracle VM Virtualbox 4.0.31 Oracle VM Virtualbox 4.0.32 Oracle VM Virtualbox 4.0.34 Oracle VM Virtualbox 4.0.36 Oracle VM Virtualbox 4.1.32 Oracle VM Virtualbox 4.3.0 Oracle VM Virtualbox 4.3.2 Oracle VM Virtualbox 4.3.4 Oracle VM Virtualbox 4.3.6 Oracle VM Virtualbox 4.3.8 Oracle VM Virtualbox 4.1.34 Oracle VM Virtualbox 4.1.39 Oracle VM Virtualbox 4.1.40 Oracle VM Virtualbox 4.1.42 Oracle VM Virtualbox 4.1.44 Oracle VM Virtualbox 4.2.0 Oracle VM Virtualbox 4.2.2 Oracle VM Virtualbox 4.2.4 Oracle VM Virtualbox 4.2.6 Oracle VM Virtualbox 4.2.8 Oracle VM Virtualbox 4.2.10 Oracle VM Virtualbox 4.2.12 Oracle VM Virtualbox 4.2.14 Oracle VM Virtualbox 4.2.16 Oracle VM Virtualbox 4.2.18 Oracle VM Virtualbox 4.2.20 Oracle VM Virtualbox 4.2.22 Oracle VM Virtualbox 4.2.24 Oracle VM Virtualbox 4.2.26 Oracle VM Virtualbox 4.2.28 Oracle VM Virtualbox 4.2.30 Oracle VM Virtualbox 4.2.31 Oracle VM Virtualbox 4.2.32 Oracle VM Virtualbox 4.2.34 Oracle VM Virtualbox 4.2.36 Oracle VM Virtualbox 4.3.10	117

Nessus

NASL family	Windows
NASL id	VIRTUALBOX_4_3_14.NASL
description	The remote host contains a version of Oracle VM VirtualBox that is prior to 3.2.24, 4.0.26, 4.1.34, 4.2.26 or 4.3.14. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to gain elevated privileges. (CVE-2014-2487, CVE-2014-4261) - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to have an impact on integrity and availability. (CVE-2014-2486, CVE-2014-2477, CVE-2014-2489) - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to gain access to sensitive information. (CVE-2014-2488) - An unspecified flaw relating to the Graphics driver for Windows guests that may allow a local attacker to have an impact on confidentiality, integrity, and availability. (CVE-2014-4228)
last seen	2020-06-01
modified	2020-06-02
plugin id	76536
published	2014-07-16
reporter	This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/76536
title	Oracle VM VirtualBox < 3.2.24 / 4.0.26 / 4.1.34 / 4.2.26 / 4.3.14 Multiple Unspecified Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(76536); script_version("1.10"); script_cvs_date("Date: 2018/11/15 20:50:29"); script_cve_id( "CVE-2014-2477", "CVE-2014-2486", "CVE-2014-2487", "CVE-2014-2488", "CVE-2014-2489", "CVE-2014-4228", "CVE-2014-4261" ); script_bugtraq_id( 68584, 68588, 68601, 68610, 68613, 68618, 68621 ); script_name(english:"Oracle VM VirtualBox < 3.2.24 / 4.0.26 / 4.1.34 / 4.2.26 / 4.3.14 Multiple Unspecified Vulnerabilities"); script_summary(english:"Performs a version check on VirtualBox.exe."); script_set_attribute(attribute:"synopsis", value: "The remote host has an application that is affected by multiple unspecified vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote host contains a version of Oracle VM VirtualBox that is prior to 3.2.24, 4.0.26, 4.1.34, 4.2.26 or 4.3.14. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to gain elevated privileges. (CVE-2014-2487, CVE-2014-4261) - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to have an impact on integrity and availability. (CVE-2014-2486, CVE-2014-2477, CVE-2014-2489) - An unspecified flaw relating to the Core subcomponent that may allow a local attacker to gain access to sensitive information. (CVE-2014-2488) - An unspecified flaw relating to the Graphics driver for Windows guests that may allow a local attacker to have an impact on confidentiality, integrity, and availability. (CVE-2014-4228)"); # https://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixOVIR script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?11e8e9a6"); script_set_attribute(attribute:"see_also", value:"https://www.virtualbox.org/wiki/Changelog"); script_set_attribute(attribute:"solution", value: "Upgrade Oracle VM VirtualBox to 3.2.24 / 4.0.26 / 4.1.34 / 4.2.26 / 4.3.14 or later."); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"vuln_publication_date", value:"2014/07/15"); script_set_attribute(attribute:"patch_publication_date", value:"2014/07/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/16"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:vm_virtualbox"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:virtualization"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_dependencies("virtualbox_installed.nasl"); script_require_keys("VirtualBox/Version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); ver = get_kb_item_or_exit('VirtualBox/Version'); path = get_kb_item_or_exit('SMB/VirtualBox/'+ver); # Note int(null) returns '0' ver_fields = split(ver, sep:'.', keep:FALSE); major = int(ver_fields[0]); minor = int(ver_fields[1]); rev = int(ver_fields[2]); # Affected : # 3.2.x < 3.2.24 # 4.0.x < 4.0.26 # 4.1.x < 4.1.34 # 4.2.x < 4.2.26 # 4.3.x < 4.3.14 if (major == 3 && minor == 2 && rev < 24) fix = '3.2.24'; else if (major == 4 && minor == 0 && rev < 26) fix = '4.0.26'; else if (major == 4 && minor == 1 && rev < 34) fix = '4.1.34'; else if (major == 4 && minor == 2 && rev < 26) fix = '4.2.26'; else if (major == 4 && minor == 3 && rev < 14) fix = '4.3.14'; if (fix) { port = get_kb_item("SMB/transport"); if (!port) port = 445; if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + ver + '\n Fixed version : ' + fix + '\n'; security_warning(port:port, extra:report); } else security_warning(port); exit(0); } else audit(AUDIT_INST_PATH_NOT_VULN, 'Oracle VM VirtualBox', ver, path);

Summary

Vulnerable Configurations

Nessus

References