The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability announce CVE-2019-2574 CVE-2019-2656 CVE-2019-2657

Oracle VM VirtualBox: vulnerabilities of April 2019

Synthesis of the vulnerability

Several vulnerabilities were announced in Oracle products.
Vulnerable products: VirtualBox.
Severity of this weakness: 2/4.
Consequences of an attack: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on server, denial of service on service.
Hacker's origin: user shell.
Number of vulnerabilities in this bulletin: 12.
Creation date: 17/04/2019.
Revisions dates: 18/04/2019, 25/04/2019, 30/04/2019.
Références of this bulletin: 1811, CERTFR-2019-AVI-177, cpuapr2019, CVE-2019-2574, CVE-2019-2656, CVE-2019-2657, CVE-2019-2678, CVE-2019-2679, CVE-2019-2680, CVE-2019-2690, CVE-2019-2696, CVE-2019-2703, CVE-2019-2721, CVE-2019-2722, CVE-2019-2723, VIGILANCE-VUL-29052, ZDI-19-376, ZDI-19-377, ZDI-19-378, ZDI-19-379, ZDI-19-380, ZDI-19-381, ZDI-19-382, ZDI-19-383, ZDI-19-384, ZDI-19-385, ZDI-19-386, ZDI-19-387, ZDI-19-388, ZDI-19-389, ZDI-19-390, ZDI-19-391, ZDI-19-392, ZDI-19-393, ZDI-19-394, ZDI-19-395, ZDI-19-396, ZDI-19-397, ZDI-19-398, ZDI-19-423, ZDI-19-424, ZDI-19-425.

Description of the vulnerability

Several vulnerabilities were announced in Oracle products.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides system vulnerability announces. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.