Vulnerability Details

Oracle VirtualBox Security Updates (jul2019-5072835) - Windows

Published: 2019-07-17 07:22:56
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary:
The host is installed with Oracle VM VirtualBox and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to multiple unspecified vulnerabilities in 'Core' component.

Impact:
Successful exploitation allow attacker to have an impact on confidentiality, integrity and availability.

Affected Versions:
VirtualBox versions 6.x prior to 6.0.10 and prior to 5.2.32 on Windows.

Recommendations:
Upgrade to Oracle VirtualBox version 6.0.10 or 5.2.32 or later. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:
Windows Registry

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-2863
https://nvd.nist.gov/vuln/detail/CVE-2019-1543
https://nvd.nist.gov/vuln/detail/CVE-2019-2867
https://nvd.nist.gov/vuln/detail/CVE-2019-2866
https://nvd.nist.gov/vuln/detail/CVE-2019-2865
https://nvd.nist.gov/vuln/detail/CVE-2019-2864
https://nvd.nist.gov/vuln/detail/CVE-2019-2848
https://nvd.nist.gov/vuln/detail/CVE-2019-2859
https://nvd.nist.gov/vuln/detail/CVE-2019-2850
https://nvd.nist.gov/vuln/detail/CVE-2019-2874
https://nvd.nist.gov/vuln/detail/CVE-2019-2875
https://nvd.nist.gov/vuln/detail/CVE-2019-2876
https://nvd.nist.gov/vuln/detail/CVE-2019-2877
https://nvd.nist.gov/vuln/detail/CVE-2019-2873

References:

http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.virtualbox.org/wiki/Downloads

Search
Severity
High
CVSS Score
10.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.