{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-2489", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:14:26.604Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-2489", "datePublished": "2014-07-17T02:36:00", "dateReserved": "2014-03-13T00:00:00", "dateUpdated": "2024-08-06T10:14:26.604Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE4DB37F-B15B-453E-B81A-3ABF7EF84C82", "versionEndIncluding": "4.2.24", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB32F058-DDF8-4942-8D40-E3F97E4A44CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6BF7C87-3D44-4BAD-8A13-A0D3CEF6B413", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39A70834-328F-4095-8515-DCF00EB7F41A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "C9EDA1CE-050F-4386-AC6D-690D4337ACF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "783B92AB-5FAA-43A6-8525-9725289B6785", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "C7AFC93C-A4AC-4189-B467-07C4CC7D2810", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "90379DE6-0E7E-4577-AF55-51801EEC5996", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "8405F02F-805E-4472-A6B3-EC7746E25141", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "71F68055-FD2D-4B4C-A0C7-EC507D4D82B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "2C5E21CB-335F-4DE0-A578-C3097E0D5AE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "C50DDA06-9C87-494C-B3F4-C8919FB47A27", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "17DF243D-B9DB-4FBB-AF67-D07CF36E8542", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD89C065-F430-4CF1-8F49-FF0EEA543708", "versionEndIncluding": "4.1.32", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0752242-640A-45C9-8489-29CA18EB63E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0B8C422-5A43-42E5-88C0-A9FC95D93ACC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C961D5C9-421D-49F1-93AA-45366E726772", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AE26DC6A-3BEE-4CCD-822C-026A8B29A4EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "3846D80E-F14A-43F9-BDB9-2558979EF3F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "91A6F1E9-4FD2-40D4-95C8-0B862D390DE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "6E0D8861-5F1E-44DB-85DE-CC2951AE359E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "458197CB-6044-4166-AF84-89808C55B940", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "3554B64F-8A8B-47A8-8E42-7748ACBE4B21", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "3A5FF0AC-F6B8-4B3A-9E4B-2CB27B2444D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "F36A26BF-A0AC-4FF1-89FA-4A1FE56DC36F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "F2D30D84-F7D1-45C6-8E3F-783019A5EA75", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "C3F9589B-9AAA-4E7E-94BE-94810A4D5C96", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*", "matchCriteriaId": "532C1B8D-1D26-4A33-82D0-7157DA987B15", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*", "matchCriteriaId": "2B836773-3EF0-468E-A74C-6C7354355AEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "031DD371-DCBB-4347-B484-E2E6372DC800", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEFB3AA6-9950-4887-A4F0-D5CD580A526A", "versionEndIncluding": "3.2.22", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8203ECB2-CEC4-4D95-8268-FEB1DB65F1E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5D10F37-D229-4986-B299-C4854A711508", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "597BAF0B-5068-4FC0-A07C-BA4AF8AC9C29", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0CB01888-AD4D-4114-B316-605DCC9FC65A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2CDF0733-9D68-4B88-80BD-22546E798EF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "14F5ED93-589C-4564-A52C-A2611ADA4C65", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "76F93F67-DE95-4BC6-8167-6AF4AF1DDD9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "BC847280-B8E0-41F1-8869-D59666741A86", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "29D7C159-B6DE-4BDE-B300-B60B4657A601", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "3B4235CE-96BA-42B5-9C1B-D7B22D69B664", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "2BC05FE8-8962-48C2-9CF7-FDCACA2AF1EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:3.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "A245759F-D85B-4656-A0EC-3E5BE0CBA631", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "742964CA-B5B6-4C74-8C82-05E35F0534CC", "versionEndIncluding": "4.0.24", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFF538E9-7D10-4B79-BDA7-8115047EC1BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC7D0E30-F894-4AF2-A8E5-84B23ECE521A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6C73B0B-E30F-4B58-94A2-BE0A88541D91", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "AA6138B1-7961-4FC5-A025-FB741E67C510", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "2E5BD4A8-803F-4212-AC95-BBA67FE6EFDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B578E469-F5C1-491B-A424-0AED0C9BF990", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "1B750106-96A7-4B78-B712-E695F9700F9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "62761101-94EC-46D8-BDE7-A5647CABFC60", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "09A1F4C8-B92A-4F8C-A820-828E30F89A2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "134B177A-AC4D-4667-B027-5418EA07DC13", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "B959447A-97EC-4F73-B9DB-A839FC67AFDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "97C83313-65A9-4EEA-8AAB-3879CD952258", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "33D06A8F-9FB9-4552-82E9-52D67CB933FE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "31F8EE47-9B75-4AEE-9DB8-16FE537E65ED", "versionEndIncluding": "4.3.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C652C69-3F7D-4527-9D8B-81C95D2B5194", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0D46897-F49D-4D9A-819A-846F6833F3B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ED513E51-2F4F-4CBA-BA4E-0960C76775D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "22B0A194-02D5-4F3B-9317-2AB267D7E447", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "2AF46B0B-CE43-462B-A33A-F561DA0B7154", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox anterior a 3.2.24, 4.0.26, 4.1.34, 4.2.26, y 4.3.12 permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Core."}], "id": "CVE-2014-2489", "lastModified": "2024-11-21T02:06:24.297", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 2.7, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-17T05:10:14.937", "references": [{"source": "secalert_us@oracle.com", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"source": "secalert_us@oracle.com", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}