Vulnerability Details : CVE-2016-3597
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.
Exploit prediction scoring system (EPSS) score for CVE-2016-3597
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-3597
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
References for CVE-2016-3597
-
http://www.securityfocus.com/bid/91787
Oracle July 2016 Critical Patch Update Multiple VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/91864
Oracle VM VirtualBox CVE-2016-3597 Local Security Vulnerability
-
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Oracle Critical Patch Update - July 2016Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1036384
Oracle VM VirtualBox Flaws Let Remote Users Access Data and Local Users Deny Service - SecurityTracker
Products affected by CVE-2016-3597
- cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*