[Secure-testing-team] Bug#735410: virtualbox: CVE-2013-5892 CVE-2014-0407 CVE-2014-0406 CVE-2014-0404
Moritz Muehlenhoff
jmm at inutil.org
Wed Jan 15 08:19:56 UTC 2014
Package: virtualbox
Severity: grave
Tags: security
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Several vulnerabilities have been reported in VirtualBox. Details are scarce, so
please get in touch with upstream for more information on eventual backports
to oldstable/stable. Judging from the CVSS scores this is likely only local
denial of service, in that case we likely don't need a DSA.
CVE-2013-5892
CVE-2014-0407
CVE-2014-0406
CVE-2014-0404
In addition CVE-2014-0405 seems to affect virtualbox-guest-additions-iso from non-free
Cheers,
Moritz
More information about the Secure-testing-team
mailing list