CVE-2014-2477

Related Files

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation

Posted Aug 12, 2014

Authored by Matt Bergin, Jay Smith | Site metasploit.com

A vulnerability within the VBoxGuest driver allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile on Windows XP SP3 systems. This has been tested with VBoxGuest Additions up to 4.3.10r93012.

tags | exploit, arbitrary

systems | windows

advisories | CVE-2014-2477

SHA-256 | ed08fc54fb11f75fb8240f00e12ad3f0eb15c9ef81cff67a88e74e2b8793b557

Download | Favorite | View

Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation

Posted Jul 15, 2014

Authored by Matthew Bergin

A vulnerability within VBoxGuest module allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile. Oracle VirtualBox Guest Additions versions 4.3.8 through 4.3.10 are affected.

tags | exploit, arbitrary

advisories | CVE-2014-2477

SHA-256 | 23d2e313c1427a208d2779f1e9be216e6d3f6f4025a67191718be30d6c492262

Download | Favorite | View