CVE-2015-4896
Published Oct 21, 2015
Last updated 6 years ago
Overview
- Description
- Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core.
- Source
- secalert_us@oracle.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" rel="nofollow">LINK</a>: Only VMs with Remote Display feature (RDP) enabled are impacted by CVE-2015-4896.
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F630FD81-EC8F-4BC7-8838-64072B477325",
"versionEndExcluding": "4.0.34",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A972DF0-4055-44E8-9D98-B7DC2AEF55B3",
"versionEndExcluding": "4.1.42",
"versionStartIncluding": "4.1.0"
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6EDA53F-3877-484D-AE72-0272216702A5",
"versionEndExcluding": "4.2.34",
"versionStartIncluding": "4.2.0"
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C9F885F-AE1E-42D7-86C1-AF8251C73622",
"versionEndExcluding": "4.3.32",
"versionStartIncluding": "4.3.0"
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A16892A-743A-473F-952A-FBD86C6173B8",
"versionEndExcluding": "5.0.8",
"versionStartIncluding": "5.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
],
"operator": "OR"
}
]
}
]