Endpoint Vulnerability

Security Vulnerability CVE-2014-0406 in VirtualBox

Description

Supported versions that are affected are VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20 and 4.3.4. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized update, insert or delete access to all Oracle VM VirtualBox accessible data and ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox.

Affected Products

VirtualBox

References

CVE-2014-0406,