Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2014-2477 — Oracle VM Virtualbox vulnerability
12 documents7 sources
Severity
3.6LOWNVD
NVD3.0
EPSS
7.5%
top 8.19%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJul 17
Latest updateMay 14
Description
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
CVSS vector
AV:L/AC:L/C:N/I:P/A:PExploitability: 3.9 | Impact: 4.9
Affected Packages2 packages
🔴Vulnerability Details
6GHSA▶
GHSA-mhxv-5q9h-hp9c: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2022-05-14
GHSA▶
GHSA-cfv3-vpqw-2xgj: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2022-05-14
CVEList▶
CVE-2014-2486: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2014-07-17
OSV▶
CVE-2014-2486: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2014-07-17
OSV▶
CVE-2014-2477: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2014-07-17