CVE-2012-3221

Oracle VM Virtual Box - DoS

Title source: llm

Description

Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling."

Exploits (1)

exploitdb WORKING POC

by halfdog · cdoslinux_x86-64

https://www.exploit-db.com/exploits/21224

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

[Patch, Vendor Advisory] http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/56045

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/79380

[Third Party Advisory] http://www.debian.org/security/2012/dsa-2594

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16681

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027666

Scores

EPSS 0.0040

EPSS Percentile 60.5%

Details

Status published

Products (3)

oracle/virtualization 3.2

oracle/virtualization 4.0

oracle/virtualization 4.1

Published Oct 17, 2012

Tracked Since Feb 18, 2026