CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
Configurations

Configuration 1

cpe:2.3:a:sun:xvm_virtualbox:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:1.3.6:*:*:*:*:*:*:*

Information

Published : 2008-08-05 07:41

Updated : 2018-10-11 08:48


NVD link : CVE-2008-3431

Mitre link : CVE-2008-3431

Products Affected
No products.
CWE