Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.6
CVSSv2

CVE-2015-2594

Published: 16/07/2015 Updated: 05/02/2019
CVSS v2 Base Score: 6.6 | Impact Score: 10 | Exploitability Score: 2.7
VMScore: 587
Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C
Subscribe to Vm Virtualbox

Vulnerability Summary

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle vm virtualbox

debian debian linux 7.0

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2015-2594
Debian Bug report logs - #792446 CVE-2015-2594 Package: virtualbox; Maintainer for virtualbox is Debian Virtualbox Team <team+debian-virtualbox@trackerdebianorg>; Source for virtualbox is src:virtualbox (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Tue, 14 Jul 2015 20:27:02 UTC Sever ...
Debian Security Advisories: DSA-3359-1 virtualbox -- security update
This update fixes an unspecified security issue in VirtualBox related to guests using bridged networking via WiFi Oracle no longer provides information on specific security vulnerabilities in VirtualBox To still support users of the already released Debian releases we've decided to update these to the respective 4140 and 4330 bugfix releases ...

Recent Articles

Hey, Oracle, what's in that VirtualBox security update? *crickets*
The Register • Chris Williams, Editor in Chief • 15 Sep 2015

Debian team bit miffed about secretive vuln fixes in hypervisor software

It's not just Microsoft keeping schtum on exactly what's inside its software updates. Oracle is keeping details of security patches for its VirtualBox hypervisor software a secret, members of the Debian team pointed out this week. Back in July, Oracle emitted a big batch of updates for its products, including new features in VirtualBox and a fix for a vulnerability in the application labeled CVE-2015-2594. All we were told at the time about the bug was that it involves guest OSes using bridged n...

Read more...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.securityfocus.com/bid/75899http://www.debian.org/security/2015/dsa-3359http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792446https://nvd.nist.govhttps://www.debian.org/security/./dsa-3359
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook