Twenty Year Anniversary
Showing 1 - 3 of 3 RSS Feed

CVE-2014-0981

Status Candidate

Overview

VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.

Related Files

Gentoo Linux Security Advisory 201612-27
Posted Dec 12, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-27 - Multiple vulnerabilities have been found in VirtualBox, the worst of which allows local users to escalate privileges. Versions before 4.3.28 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0981, CVE-2014-0983, CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, CVE-2014-6595, CVE-2015-0377, CVE-2015-0418, CVE-2015-0427, CVE-2015-3456, CVE-2016-5608, CVE-2016-5610, CVE-2016-5611, CVE-2016-5613
MD5 | 6848c8ab4843cb272f296323e4cb93f2
Debian Security Advisory 2904-1
Posted Apr 15, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2904-1 - Francisco Falcon discovered that missing input sanisiting in the 3D acceleration code in VirtualBox could lead to the execution of arbitrary code on the host system.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2014-0981, CVE-2014-0983
MD5 | 38c555d5abed8eb33b1abfc36cbc9279
Oracle VirtualBox 3D Acceleration Memory Corruption
Posted Mar 11, 2014
Authored by Core Security Technologies, Andres Blanco, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - Multiple memory corruption vulnerabilities have been found in the code that implements 3D Acceleration for OpenGL graphics in Oracle VirtualBox. These vulnerabilities could allow an attacker who is already running code within a Guest OS to escape from the virtual machine and execute arbitrary code on the Host OS.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2014-0981, CVE-2014-0982, CVE-2014-0983
MD5 | e64c663a75df61c063ab412dac73acc8
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    1 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close