CVE-2009-3940

Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html
http://secunia.com/advisories/38420
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271149-1	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:virtualbox::::::::
	cpe:2.3:a:sun:virtualbox:2.0.8:::::::*
	cpe:2.3:a:sun:virtualbox:2.0.10:::::::*
	cpe:2.3:a:sun:virtualbox:2.2:::::::*
	cpe:2.3:a:sun:virtualbox:3.0:::::::*
	cpe:2.3:a:sun:virtualbox:3.0.0:::::::*
	cpe:2.3:a:sun:virtualbox:3.0.2:::::::*
	cpe:2.3:a:sun:virtualbox:3.0.4:::::::*
	cpe:2.3:a:sun:virtualbox:3.0.6:::::::*
	cpe:2.3:a:sun:xvm_virtualbox::2.1::::::*
	cpe:2.3:a:sun:xvm_virtualbox:1.6:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:1.6.0:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:1.6.2:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:1.6.4:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.0:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.2:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.4:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.6:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.8:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.0.10:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.1.0:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.1.2:::::::*
	cpe:2.3:a:sun:xvm_virtualbox:2.2:::::::*

History

No history.

Information

Published : 2009-11-16 19:30

Updated : 2023-12-10 10:51

NVD link : CVE-2009-3940

Mitre link : CVE-2009-3940

CVE.ORG link : CVE-2009-3940

JSON object : View

Products Affected

sun

virtualbox
xvm_virtualbox

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-3940", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-11-16T19:30:01.030", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38420", "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-271149-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Guest Additions en Sun xVM VirtualBox v1.6.x y v2.0.x anteriores a v2.0.12, v2.1.x, y v2.2.x, y en Sun VirtualBox versiones anteriores a v3.0.10, permite a usuarios del sistema operativo hu\u00e9sped provocar una denegaci\u00f3n de servicio (consumo de memoria) en el sistema operativo hu\u00e9sped mediante vectores desconocidos."}], "lastModified": "2010-03-04T06:40:10.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:virtualbox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C5E9DDF-5769-40FE-8E4E-9CBA1661EE02", "versionEndIncluding": "3.0.8"}, {"criteria": "cpe:2.3:a:sun:virtualbox:2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6456F012-E72B-4622-BFD1-F95FEDA6E446"}, {"criteria": "cpe:2.3:a:sun:virtualbox:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0003E19C-EBAA-488F-B3F0-E2CFB283FBDD"}, {"criteria": "cpe:2.3:a:sun:virtualbox:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BE04EDC-3616-447B-9BED-4A5EE6A470D7"}, {"criteria": "cpe:2.3:a:sun:virtualbox:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E59E2578-5FCB-4829-A179-7865BB2D8D66"}, {"criteria": "cpe:2.3:a:sun:virtualbox:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEB28343-0302-4490-AD8C-C0C5F9B0527B"}, {"criteria": "cpe:2.3:a:sun:virtualbox:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44193C48-D911-457D-B152-DE36E37AC6E3"}, {"criteria": "cpe:2.3:a:sun:virtualbox:3.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D151779F-5C0C-449E-BBEE-32830C03B865"}, {"criteria": "cpe:2.3:a:sun:virtualbox:3.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C043BB9-6FC5-427E-A7E3-B1D883E918A4"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:*:2.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C14FA60-BC7D-4D12-9DC5-0612BD927262"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76EE095C-735F-4E7D-8912-31AAFD547979"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D7A5D6B-F6F7-470F-8356-D2E1674CA46C"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8A055A1-5783-4AE1-88CD-1FA2C395B0EC"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F0E82DA-18A2-4A46-A04D-F0CBDD4E8CCC"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "004F2896-4A98-4385-982D-D75351ABEEE6"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F96D440E-4639-4DF2-BEB1-BAD33A7E80CA"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C930392-136A-4C50-966E-D114C3DFB22E"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14D22D83-221C-4E88-BBB2-5FF7FD1DEDA0"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "594F0AA8-5455-4E1C-9483-4FECFDB378B9"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49E8FB90-1164-490A-A9DB-16415453C985"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5900799-F465-4071-8E84-6126357971D1"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87877B75-41B5-4CF4-B3D1-D52EAF957675"}, {"criteria": "cpe:2.3:a:sun:xvm_virtualbox:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95639D96-67DE-4225-A0FC-3AAB6800C842"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}