Oracle VM VirtualBox CVE-2017-3576 Local Security Vulnerability

Oracle VM VirtualBox is prone to a local security vulnerability in Oracle VM VirtualBox.

The 'Core' sub component is affected.

This vulnerability affects the following supported versions:
Prior to 5.0.38, Prior to 5.1.20

Information

Bugtraq ID: 97759
Class: Unknown
CVE: CVE-2017-3576

Remote: No
Local: Yes
Published: Apr 18 2017 12:00AM
Updated: Apr 18 2017 11:41PM
Credit: Jann Horn
Vulnerable: Oracle VM VirtualBox 5.1.16
Oracle VM VirtualBox 5.1.14
Oracle VM VirtualBox 5.1.10
Oracle VM VirtualBox 5.1.8
Oracle VM VirtualBox 5.0.34
Oracle VM VirtualBox 5.0.32
Oracle VM VirtualBox 5.0.28
Oracle VM VirtualBox 5.0.26
Oracle VM VirtualBox 5.0.22
Oracle VM VirtualBox 5.0.16
Oracle VM VirtualBox 5.0.14
Oracle VM VirtualBox 5.0.13
Oracle VM VirtualBox 5.0.12
Oracle VM VirtualBox 5.0.11
Oracle VM VirtualBox 5.0.10
Oracle VM VirtualBox 5.0.9
Oracle VM VirtualBox 5.0.8
Oracle VM VirtualBox 5.0.18
Oracle VM VirtualBox 5.0

Not Vulnerable: Oracle VM VirtualBox 5.1.20
Oracle VM VirtualBox 5.0.38

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References:

• Oracle Homepage (Oracle)
  
• Oracle Critical Patch Update Advisory - April 2017 (Oracle)
  

Source: www.securityfocus.com