VYPR

Virtualox

by Virtualox

CVEs (2)

  • CVE-2008-3431HigKEVAug 5, 2008
    risk 0.73cvss 8.8epss 0.07

    The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the…

  • CVE-2008-5256Nov 27, 2008
    risk 0.00cvss epss 0.00

    The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file.