CVE-2017-3316 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-3316 Interim 1 14 2024-12-04T02:56:57Z current 2021-05-30T13:50:59Z 2024-12-04T02:56:57Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-3316 Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS v3.0 Base Score 8.4 (Confidentiality, Integrity and Availability impacts). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TVO46F3SPTOSUAHAYASMDSULV7JY5FDM/#TVO46F3SPTOSUAHAYASMDSULV7JY5FDM E-Mail link for openSUSE-SU-2017:0332-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BK5WWHSGUA5KKVN2DWUSYX7SCJSQ25GO/#BK5WWHSGUA5KKVN2DWUSYX7SCJSQ25GO E-Mail link for openSUSE-SU-2017:0382-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed python3-virtualbox-6.1.26-3.2 virtualbox-6.1.26-3.2 virtualbox-devel-6.1.26-3.2 virtualbox-guest-desktop-icons-6.1.26-3.2 virtualbox-guest-kmp-default-5.2.10_k4.12.14_lp150.11-lp150.3.6 virtualbox-guest-source-6.1.26-3.2 virtualbox-guest-tools-5.2.10-lp150.3.6 virtualbox-guest-tools-6.1.20-lp153.1.8 virtualbox-guest-tools-6.1.26-3.2 virtualbox-guest-tools-6.1.32-lp154.1.83 virtualbox-guest-x11-5.2.10-lp150.3.6 virtualbox-guest-x11-6.1.20-lp153.1.8 virtualbox-guest-x11-6.1.26-3.2 virtualbox-guest-x11-6.1.32-lp154.1.83 virtualbox-host-source-6.1.26-3.2 virtualbox-kmp-default-6.1.20_k5.3.18_57-lp153.1.2 virtualbox-kmp-default-6.1.32_k5.14.21_150400.22-lp154.1.67 virtualbox-qt-6.1.26-3.2 virtualbox-vnc-6.1.26-3.2 virtualbox-websrv-6.1.26-3.2 virtualbox-guest-kmp-default-5.2.10_k4.12.14_lp150.11-lp150.3.6 as a component of openSUSE Leap 15.0 virtualbox-guest-tools-5.2.10-lp150.3.6 as a component of openSUSE Leap 15.0 virtualbox-guest-x11-5.2.10-lp150.3.6 as a component of openSUSE Leap 15.0 virtualbox-guest-tools-6.1.20-lp153.1.8 as a component of openSUSE Leap 15.3 virtualbox-guest-x11-6.1.20-lp153.1.8 as a component of openSUSE Leap 15.3 virtualbox-kmp-default-6.1.20_k5.3.18_57-lp153.1.2 as a component of openSUSE Leap 15.3 virtualbox-guest-tools-6.1.32-lp154.1.83 as a component of openSUSE Leap 15.4 virtualbox-guest-x11-6.1.32-lp154.1.83 as a component of openSUSE Leap 15.4 virtualbox-kmp-default-6.1.32_k5.14.21_150400.22-lp154.1.67 as a component of openSUSE Leap 15.4 python3-virtualbox-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-devel-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-guest-desktop-icons-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-guest-source-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-guest-tools-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-guest-x11-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-host-source-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-qt-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-vnc-6.1.26-3.2 as a component of openSUSE Tumbleweed virtualbox-websrv-6.1.26-3.2 as a component of openSUSE Tumbleweed Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS v3.0 Base Score 8.4 (Confidentiality, Integrity and Availability impacts). CVE-2017-3316 openSUSE Leap 15.0:virtualbox-guest-kmp-default-5.2.10_k4.12.14_lp150.11-lp150.3.6 openSUSE Leap 15.0:virtualbox-guest-tools-5.2.10-lp150.3.6 openSUSE Leap 15.0:virtualbox-guest-x11-5.2.10-lp150.3.6 openSUSE Leap 15.3:virtualbox-guest-tools-6.1.20-lp153.1.8 openSUSE Leap 15.3:virtualbox-guest-x11-6.1.20-lp153.1.8 openSUSE Leap 15.3:virtualbox-kmp-default-6.1.20_k5.3.18_57-lp153.1.2 openSUSE Leap 15.4:virtualbox-guest-tools-6.1.32-lp154.1.83 openSUSE Leap 15.4:virtualbox-guest-x11-6.1.32-lp154.1.83 openSUSE Leap 15.4:virtualbox-kmp-default-6.1.32_k5.14.21_150400.22-lp154.1.67 openSUSE Tumbleweed:python3-virtualbox-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-devel-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-guest-source-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-guest-tools-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-guest-x11-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-host-source-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-qt-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-vnc-6.1.26-3.2 openSUSE Tumbleweed:virtualbox-websrv-6.1.26-3.2 important 6 AV:N/AC:M/Au:S/C:P/I:P/A:P 8.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H