CVE-2013-0420

7 documents6 sources
Severity
2.4LOW
EPSS
0.1%
top 70.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Opensuse OpensuseOracle VirtualizationOracle VM Virtualbox
Timeline
PublishedJan 17
Latest updateMay 5

Description

Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary

CVSS vector

AV:L/AC:H/C:N/I:P/A:PExploitability: 1.5 | Impact: 4.9

Affected Packages4 packages

NVDoracle/vm_virtualbox4.0, 4.1.0, 4.2.0+2
NVDoracle/virtualization4.0, 4.1, 4.2+2
Ubuntuvirtualbox< 4.3.10-dfsg-1
NVDopensuse/opensuse12.1, 12.2+1

Patches

Patch: bugzilla.novell.comPatch: www.virtualbox.orgPatch: bugzilla.novell.com

🔴Vulnerability Details

3
GHSA
GHSA-p2wh-44xv-2q95: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 42022-05-05
OSV
CVE-2013-0420: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 42013-01-17
CVEList
CVE-2013-0420: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 42013-01-17

📋Vendor Advisories

1
Debian
CVE-2013-0420: virtualbox - Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4...2013
CVE-2013-0420 (LOW CVSS 2.4) | Unspecified vulnerability in the Vi | cvebase.io