Unrated severityNVD Advisory· Published Jan 17, 2013· Updated Apr 29, 2026

CVE-2013-0420

Description

Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."

Affected products

OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
Oracle Corporation/Virtualization3 versions
cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:virtualization:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:virtualization:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:virtualization:4.2:*:*:*:*:*:*:*
Oracle Corporation/Vm Virtualbox3 versions
cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.novell.com/show_bug.cginvdPatch
www.virtualbox.org/changeset/44055/vboxnvdExploitPatch
lists.opensuse.org/opensuse-updates/2013-02/msg00000.htmlnvdVendor Advisory
www.oracle.com/technetwork/topics/security/cpujan2013-1515902.htmlnvdVendor Advisory
www.mandriva.com/security/advisoriesnvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15763nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000