1
Candidate: CVE-2018-2686
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2686
6
Vulnerability in the Oracle VM VirtualBox component of Oracle
7
Virtualization (subcomponent: Core). Supported versions that are affected
8
are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability
9
allows unauthenticated attacker with logon to the infrastructure where
10
Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.
11
Successful attacks require human interaction from a person other than the
12
attacker and while the vulnerability is in Oracle VM VirtualBox, attacks
13
may significantly impact additional products. Successful attacks of this
14
vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base
15
Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS
16
Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
26
upstream_virtualbox: released (5.2.6-dfsg-1)
27
precise/esm_virtualbox: DNE
28
trusty_virtualbox: needs-triage
29
xenial_virtualbox: needs-triage
30
artful_virtualbox: needs-triage
31
bionic_virtualbox: needs-triage
32
devel_virtualbox: needs-triage