CVE-2016-0602

EPSS 1.05%
Published 21.01.2016 03:02:30
Last modified 12.04.2025 10:46:40
Source secalert_us@oracle.com
Teams watchlist Login
Open Login

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Installer.  NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the "application directory."

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Vm Virtualbox Version <= 5.0.12

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.05%	0.766

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.2	1.9	10	AV:L/AC:H/Au:N/C:C/I:C/A:C

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Patch

Vendor Advisory

http://www.securitytracker.com/id/1034731

http://seclists.org/fulldisclosure/2016/Feb/54

http://www.securityfocus.com/archive/1/537462/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2016-0602

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-0602

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-0602

EUVD