CVE-2013-0420

EUVD-2013-0431
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core.  NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.4 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:S/C:N/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
opensuseopensuse
12.1
opensuseopensuse
12.2
oraclevirtualization
4.0
oraclevirtualization
4.1
oraclevirtualization
4.2
oraclevm_virtualbox
4.0
oraclevm_virtualbox
4.1.0
oraclevm_virtualbox
4.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
virtualbox
sid/contrib
7.0.20-dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
virtualbox
hardy
dne
lucid
dne
oneiric
ignored
precise
Fixed 4.1.12-dfsg-2ubuntu0.6
released
quantal
ignored
raring
ignored
saucy
not-affected
trusty
dne
virtualbox-ose
hardy
ignored
lucid
ignored
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
trusty
dne
References
http://lists.opensuse.org/opensuse-updates/2013-02/msg00000.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
https://bugzilla.novell.com/show_bug.cgi?id=798776
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15763
https://www.virtualbox.org/changeset/44055/vbox
http://lists.opensuse.org/opensuse-updates/2013-02/msg00000.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
https://bugzilla.novell.com/show_bug.cgi?id=798776
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15763
https://www.virtualbox.org/changeset/44055/vbox