{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "68601", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68601"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"name": "oracle-cpujul2014-cve20144228(94613)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94613"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-4228", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "68601", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68601"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"name": "oracle-cpujul2014-cve20144228(94613)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94613"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-4228", "datePublished": "2014-07-17T02:36:00", "dateReserved": "2014-06-17T00:00:00", "dateUpdated": "2018-10-09T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD89C065-F430-4CF1-8F49-FF0EEA543708", "versionEndIncluding": "4.1.32", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0752242-640A-45C9-8489-29CA18EB63E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0B8C422-5A43-42E5-88C0-A9FC95D93ACC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C961D5C9-421D-49F1-93AA-45366E726772", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AE26DC6A-3BEE-4CCD-822C-026A8B29A4EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "3846D80E-F14A-43F9-BDB9-2558979EF3F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "91A6F1E9-4FD2-40D4-95C8-0B862D390DE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "6E0D8861-5F1E-44DB-85DE-CC2951AE359E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "458197CB-6044-4166-AF84-89808C55B940", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "3554B64F-8A8B-47A8-8E42-7748ACBE4B21", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "3A5FF0AC-F6B8-4B3A-9E4B-2CB27B2444D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "F36A26BF-A0AC-4FF1-89FA-4A1FE56DC36F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "F2D30D84-F7D1-45C6-8E3F-783019A5EA75", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "C3F9589B-9AAA-4E7E-94BE-94810A4D5C96", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*", "matchCriteriaId": "532C1B8D-1D26-4A33-82D0-7157DA987B15", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*", "matchCriteriaId": "2B836773-3EF0-468E-A74C-6C7354355AEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "031DD371-DCBB-4347-B484-E2E6372DC800", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "31F8EE47-9B75-4AEE-9DB8-16FE537E65ED", "versionEndIncluding": "4.3.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C652C69-3F7D-4527-9D8B-81C95D2B5194", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0D46897-F49D-4D9A-819A-846F6833F3B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "ED513E51-2F4F-4CBA-BA4E-0960C76775D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "22B0A194-02D5-4F3B-9317-2AB267D7E447", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "2AF46B0B-CE43-462B-A33A-F561DA0B7154", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE4DB37F-B15B-453E-B81A-3ABF7EF84C82", "versionEndIncluding": "4.2.24", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB32F058-DDF8-4942-8D40-E3F97E4A44CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6BF7C87-3D44-4BAD-8A13-A0D3CEF6B413", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39A70834-328F-4095-8515-DCF00EB7F41A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "C9EDA1CE-050F-4386-AC6D-690D4337ACF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "783B92AB-5FAA-43A6-8525-9725289B6785", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "C7AFC93C-A4AC-4189-B467-07C4CC7D2810", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "90379DE6-0E7E-4577-AF55-51801EEC5996", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "8405F02F-805E-4472-A6B3-EC7746E25141", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "71F68055-FD2D-4B4C-A0C7-EC507D4D82B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "2C5E21CB-335F-4DE0-A578-C3097E0D5AE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "C50DDA06-9C87-494C-B3F4-C8919FB47A27", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:vm_virtualbox:4.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "17DF243D-B9DB-4FBB-AF67-D07CF36E8542", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox anterior a 4.1.34, 4.2.26 y 4.3.12 permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con el controlador Graphics (WDDM) para los invitados de Windows."}], "id": "CVE-2014-4228", "lastModified": "2018-10-09T19:48:15.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-17T05:10:16.593", "references": [{"source": "secalert_us@oracle.com", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/68601"}, {"source": "secalert_us@oracle.com", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94613"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}