CVE-2018-3005
Summary
| CVE | CVE-2018-3005 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-07-18 13:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 4.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Vm Virtualbox | All | All | All | All |
| Application | Oracle | Vm Virtualbox | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Oracle VM VirtualBox Mulltiple Local Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CPU July 2018 | CONFIRM | www.oracle.com | Patch, Vendor Advisory |
| Oracle VM VirtualBox Multiple Flaws Let Local Users Access and Modify Data, Deny Service, and Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.