Gentoo Linux Security Advisory 201612-27 - Multiple vulnerabilities have been found in VirtualBox, the worst of which allows local users to escalate privileges. Versions before 4.3.28 are affected.
8018cb397a0a196ca1155a3ee23c7a87d2f3e59d927afeeae104ca1ff0205aa0This Metasploit module exploits a vulnerability in the 3D Acceleration support for VirtualBox. The vulnerability exists in the remote rendering of OpenGL-based 3D graphics. By sending a sequence of specially crafted of rendering messages, a virtual machine can exploit an out of bounds array access to corrupt memory and escape to the host. This Metasploit module has been tested successfully on Windows 7 SP1 (64 bits) as Host running Virtual Box 4.3.6.
86c260fb68e437881ab16b483c4e49b6bc21fe1b4a46b94f446e6d346cda9ddaDebian Linux Security Advisory 2904-1 - Francisco Falcon discovered that missing input sanisiting in the 3D acceleration code in VirtualBox could lead to the execution of arbitrary code on the host system.
55710322d25bef7d15ba3a2da0ca8209657fed23bc990c607cacab173c065ba2Core Security Technologies Advisory - Multiple memory corruption vulnerabilities have been found in the code that implements 3D Acceleration for OpenGL graphics in Oracle VirtualBox. These vulnerabilities could allow an attacker who is already running code within a Guest OS to escape from the virtual machine and execute arbitrary code on the Host OS.
21ec84e64e681dcbf21f5213bd3356433798b0d9e50c61ad3431bb54276c747d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed