Test ID:	1.3.6.1.4.1.25623.1.0.804356
Category:	General
Title:	Oracle VM VirtualBox Multiple Memory Corruption Vulnerabilities - Linux
Summary:	Oracle VM VirtualBox is prone to multiple memory corruption vulnerabilities.
Description:	Summary: Oracle VM VirtualBox is prone to multiple memory corruption vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An error within the 'crNetRecvReadback' function. - Multiple errors within the 'crNetRecvReadback' and 'crNetRecvWriteback' functions. - A boundary error within multiple generated 'crServerDispatchVertexAttrib*ARB' functions. Vulnerability Impact: Successful exploitation will allow local users to conduct a denial of service or potentially execute arbitrary code. Affected Software/OS: Oracle VM VirtualBox version 4.2.x through 4.2.20, 4.3.x before 4.3.8 on Linux. Solution: Upgrade to Oracle VM VirtualBox version 4.3.8 or later. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0981 Bugtraq: 20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/531418/100/0/threaded Debian Security Information: DSA-2904 (Google Search) http://www.debian.org/security/2014/dsa-2904 http://www.exploit-db.com/exploits/32208 http://seclists.org/fulldisclosure/2014/Mar/95 https://security.gentoo.org/glsa/201612-27 http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities http://secunia.com/advisories/57384 Common Vulnerability Exposure (CVE) ID: CVE-2014-0983
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.