Francisco Falcon discovered that missing input sanitizing in the 3D acceleration code in VirtualBox could lead to the execution of arbitrary code on the host system. For the oldstable distribution (squeeze), these problems have been fixed in version 3.2.10-dfsg-1+squeeze3. For the stable distribution (wheezy), these problems have been fixed in version 4.1.18-dfsg-2+deb7u3. For the testing distribution (jessie), these problems have been fixed in version 4.3.10-dfsg-1. For the unstable distribution (sid), these problems have been fixed in version 4.3.10-dfsg-1. We recommend that you upgrade your virtualbox packages.
Francisco Falcon discovered that missing input sanitizing in the 3D acceleration code in VirtualBox could lead to the execution of arbitrary code on the host system.
For the oldstable distribution (squeeze), these problems have been fixed in version 3.2.10-dfsg-1+squeeze3.
For the stable distribution (wheezy), these problems have been fixed in version 4.1.18-dfsg-2+deb7u3.
For the testing distribution (jessie), these problems have been fixed in version 4.3.10-dfsg-1.
For the unstable distribution (sid), these problems have been fixed in version 4.3.10-dfsg-1.
We recommend that you upgrade your virtualbox packages.