mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
300 lines
11 KiB
JSON
300 lines
11 KiB
JSON
{
|
|
"id": "CVE-2014-4228",
|
|
"sourceIdentifier": "secalert_us@oracle.com",
|
|
"published": "2014-07-17T05:10:16.593",
|
|
"lastModified": "2018-10-09T19:48:15.893",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox anterior a 4.1.34, 4.2.26 y 4.3.12 permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con el controlador Graphics (WDDM) para los invitados de Windows."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 4.4
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 3.4,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "4.1.32",
|
|
"matchCriteriaId": "CD89C065-F430-4CF1-8F49-FF0EEA543708"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0752242-640A-45C9-8489-29CA18EB63E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0B8C422-5A43-42E5-88C0-A9FC95D93ACC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C961D5C9-421D-49F1-93AA-45366E726772"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE26DC6A-3BEE-4CCD-822C-026A8B29A4EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3846D80E-F14A-43F9-BDB9-2558979EF3F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91A6F1E9-4FD2-40D4-95C8-0B862D390DE3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6E0D8861-5F1E-44DB-85DE-CC2951AE359E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "458197CB-6044-4166-AF84-89808C55B940"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3554B64F-8A8B-47A8-8E42-7748ACBE4B21"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A5FF0AC-F6B8-4B3A-9E4B-2CB27B2444D5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F36A26BF-A0AC-4FF1-89FA-4A1FE56DC36F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F2D30D84-F7D1-45C6-8E3F-783019A5EA75"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C3F9589B-9AAA-4E7E-94BE-94810A4D5C96"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "532C1B8D-1D26-4A33-82D0-7157DA987B15"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2B836773-3EF0-468E-A74C-6C7354355AEC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "031DD371-DCBB-4347-B484-E2E6372DC800"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "4.3.10",
|
|
"matchCriteriaId": "31F8EE47-9B75-4AEE-9DB8-16FE537E65ED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7C652C69-3F7D-4527-9D8B-81C95D2B5194"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0D46897-F49D-4D9A-819A-846F6833F3B0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ED513E51-2F4F-4CBA-BA4E-0960C76775D0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "22B0A194-02D5-4F3B-9317-2AB267D7E447"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2AF46B0B-CE43-462B-A33A-F561DA0B7154"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "4.2.24",
|
|
"matchCriteriaId": "AE4DB37F-B15B-453E-B81A-3ABF7EF84C82"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DB32F058-DDF8-4942-8D40-E3F97E4A44CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C6BF7C87-3D44-4BAD-8A13-A0D3CEF6B413"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39A70834-328F-4095-8515-DCF00EB7F41A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9EDA1CE-050F-4386-AC6D-690D4337ACF6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "783B92AB-5FAA-43A6-8525-9725289B6785"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7AFC93C-A4AC-4189-B467-07C4CC7D2810"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "90379DE6-0E7E-4577-AF55-51801EEC5996"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8405F02F-805E-4472-A6B3-EC7746E25141"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71F68055-FD2D-4B4C-A0C7-EC507D4D82B4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C5E21CB-335F-4DE0-A578-C3097E0D5AE0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C50DDA06-9C87-494C-B3F4-C8919FB47A27"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "17DF243D-B9DB-4FBB-AF67-D07CF36E8542"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Dec/23",
|
|
"source": "secalert_us@oracle.com"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
|
|
"source": "secalert_us@oracle.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded",
|
|
"source": "secalert_us@oracle.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/68601",
|
|
"source": "secalert_us@oracle.com"
|
|
},
|
|
{
|
|
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
|
|
"source": "secalert_us@oracle.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94613",
|
|
"source": "secalert_us@oracle.com"
|
|
}
|
|
]
|
|
} |