virtualbox: security update
Two privilege escalation vulnerabilities in VirtualBox have
been fixed.
- CVE-2011-2300: CVSS v2 Base Score: 3.7
(AV:L/AC:H/Au:N/C:P/I:P/A:P)
- CVE-2011-2305: CVSS v2 Base Score: 6.2
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
- Submitted by Adrian Schröter (adrianSuSE)
- Version 4950
Fixed bugs
bnc#708271
VUL-0: two VirtualBox privilege escalations
CVE#CVE-2011-2300
Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows.
CVE#CVE-2011-2305
Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.