| Vulnerability Name: | CVE-2014-0981 (CCN-91752) | ||||||||||||||||||||
| Assigned: | 2014-03-11 | ||||||||||||||||||||
| Published: | 2014-03-11 | ||||||||||||||||||||
| Updated: | 2018-10-09 | ||||||||||||||||||||
| Summary: | VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. Note: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982. | ||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||
| CVSS v2 Severity: | 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P) 3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-399 | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2014-0981 Source: FULLDISC Type: Exploit 20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Source: CCN Type: SA57384 Oracle VirtualBox 3D Acceleration Multiple Privilege Escalation Vulnerabilities Source: SECUNIA Type: Vendor Advisory 57384 Source: MISC Type: Exploit http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities Source: DEBIAN Type: UNKNOWN DSA-2904 Source: EXPLOIT-DB Type: UNKNOWN 32208 Source: CCN Type: Oracle Web site Oracle Critical Patch Update Advisory - April 2014 Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html Source: BUGTRAQ Type: UNKNOWN 20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Source: CCN Type: BID-66131 Oracle VM VirtualBox 'crNetRecvReadback()' Function Memory Corruption Vulnerability Source: XF Type: UNKNOWN oracle-virtualbox-cve20140981-code-exec(91752) Source: CCN Type: Packet Storm Security [03-11-2014] Oracle VirtualBox 3D Acceleration Memory Corruption Source: GENTOO Type: UNKNOWN GLSA-201612-27 Source: EXPLOIT-DB Type: EXPLOIT Offensive Exploit Database [03-12-2014] Source: CCN Type: VirtualBox Web site Oracle VM VirtualBox Source: CONFIRM Type: UNKNOWN https://www.virtualbox.org/changeset/50437/vbox Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-0981 | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||