Privilege escalation vulnerability in the Oracle VM VirtualBox via VRDP - CVE-2016-5605| ID: oval:org.secpod.oval:def:37784 | Date: (C)2016-10-19 (M)2021-06-06 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Oracle VM VirtualBox 5.1.x before 5.1.4 and is prone to a privilege escalation vulnerability. A flaw is present in the VirtualBox Remote Desktop Extension (VRDE), which fails to handle unknown vectors. Successful exploitation can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data.
| Platform: |
| Microsoft Windows 11 |
| Microsoft Windows Server 2022 |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2016 |
| Microsoft Windows XP |
| Microsoft Windows Vista |
| Microsoft Windows 7 |
| Microsoft Windows Server 2003 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Product: |
| Oracle VM VirtualBox |
