CVE-2008-3431 - Oracle VirtualBox Insufficient Input Validation Vulnerability
Project:Oracle
Product:VirtualBox
Date Added:2022-03-03Due Date:2022-03-24
Vulnerability Name
Oracle VirtualBox Insufficient Input Validation Vulnerability
Description
An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2008-3431