How severe is CVE-2017-10242?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2017-10242?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2017-10242

HIGH Year: 2017

CVSS v3 Score

7.3

High

CVSS v2 Score

4.6

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).

CVE-2003-0063

HIGH

CVSS:7.3(High)

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's t...

NVD-CWE-Other2003

CVE-2012-5379

HIGH

CVSS:7.3(High)

Untrusted search path vulnerability in the installation functionality in ActivePython 3.2.2.3, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan ho...

NVD-CWE-Other2012

CVE-2015-6527

HIGH

CVSS:7.3(High)

The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace...

NVD-CWE-Other2015

CVE-2015-6832

HIGH

CVSS:7.3(High)

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrar...

NVD-CWE-Other2015

CVE-2015-6836

HIGH

CVSS:7.3(High)

The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary ...

NVD-CWE-Other2015

CVE-2015-8560

HIGH

CVSS:7.3(High)

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ;...

NVD-CWE-Other2015

CVE-2017-10242

Vulnerability Description

Related Vulnerabilities

CVE-2003-0063

CVE-2012-5379

CVE-2015-6527

CVE-2015-6832

CVE-2015-6836

CVE-2015-8560