CVE-2013-0420
https://notcve.org/view.php?id=CVE-2013-0420
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary." Una vulnerabilidad no especificada en el componente VirtualBox en Oracle Virtualization v4.0, v4.1 y v4.2 permite a usuarios locales afectan la integridad y la disponibilidad a través de vectores desconocidos relacionados con el Core (nucleo). • http://lists.opensuse.org/opensuse-updates/2013-02/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html https://bugzilla.novell.com/show_bug.cgi?id=798776 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15763 https://www.virtualbox.org/changeset/44055/vbox •
CVE-2012-3221 – Oracle VM VirtualBox 4.1 - Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-3221
Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling." Vulnerabilidad no específica en el componente Oracle VM Virtual Box en Oracle Virtualization v3.2, v4.0, y v4.1 permite a usuarios locales a afectar la disponibilidad a través de vectores desconocidos relacionados con VirtualBox Core. • https://www.exploit-db.com/exploits/21224 http://www.debian.org/security/2012/dsa-2594 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.securityfocus.com/bid/56045 http://www.securitytracker.com/id?1027666 https://exchange.xforce.ibmcloud.com/vulnerabilities/79380 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16681 •
CVE-2012-1685
https://notcve.org/view.php?id=CVE-2012-1685
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core. Vulnerabilidad no especificada en el componente Secure Global Desktop en Oracle Virtualization v4.6 permite a atacantes remotos afectar la integridad mediante vectores desconocidos relacionados con Core. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.securitytracker.com/id?1027666 https://exchange.xforce.ibmcloud.com/vulnerabilities/79379 •
CVE-2012-0111
https://notcve.org/view.php?id=CVE-2012-0111
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization v4.1 permite a usuarios locales afectar a la confidencialidad y a la integridad de los datos a través de vectores desconocidos relacionados con las carpetas compartidas. • http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html http://secunia.com/advisories/48755 http://secunia.com/advisories/50897 http://security.gentoo.org/glsa/glsa-201204-01.xml http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16722 •
CVE-2011-3571 – OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
https://notcve.org/view.php?id=CVE-2011-3571
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507. Una vulnerabilidad no especificada en el componente Virtual Desktop Infrastructure (VDI) en Virtualization de Oracle versión 3.2, permite a los usuarios autenticados remotos afectar la confidencialidad y la integridad por medio de vectores desconocidos relacionados a Session. NOTA: este identificador de CVE fue usado accidentalmente por un problema Concurrente en Java Runtime Environment, pero ese problema ha sido reasignado a CVE-2012-0507. • http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html http://secunia.com/advisories/48073 http://secunia.com/advisories/48074 http://secunia.com/advisories/50897 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html https://access.redhat.com/security/cve/CVE-2011-3571 https://bugzilla.redhat.com/show_bug.cgi?id=788994 •