CVE-2013-0420
First published: Thu Jan 17 2013(Updated: )
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openSUSE | =12.1 | |
| openSUSE | =12.2 | |
| Oracle Virtualization | =4.0 | |
| Oracle Virtualization | =4.1 | |
| Oracle Virtualization | =4.2 | |
| Oracle VirtualBox | =4.0 | |
| Oracle VirtualBox | =4.1.0 | |
| Oracle VirtualBox | =4.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-updates/2013-02/msg00000.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
- https://bugzilla.novell.com/show_bug.cgi?id=798776
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15763
- https://www.virtualbox.org/changeset/44055/vbox
Frequently Asked Questions
What is the severity of CVE-2013-0420?
The severity of CVE-2013-0420 is not explicitly categorized, but it affects the integrity and availability of systems.
How do I fix CVE-2013-0420?
To fix CVE-2013-0420, apply relevant patches and updates provided by Oracle for VirtualBox versions 4.0, 4.1, and 4.2.
Which software versions are affected by CVE-2013-0420?
CVE-2013-0420 affects Oracle Virtualization versions 4.0, 4.1, and 4.2, as well as Oracle VM VirtualBox versions 4.0, 4.1.0, and 4.2.0.
Who is affected by CVE-2013-0420?
Local users of Oracle Virtualization and Oracle VM VirtualBox on the specified versions are at risk from CVE-2013-0420.
What impact does CVE-2013-0420 have on systems?
CVE-2013-0420 can potentially compromise the integrity and availability of affected systems.
- agent/references
- agent/type
- agent/remedy
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/opensuse
- canonical/opensuse
- version/opensuse/12.1
- version/opensuse/12.2
- vendor/oracle
- canonical/oracle virtualization
- version/oracle virtualization/4.0
- version/oracle virtualization/4.1
- version/oracle virtualization/4.2
- canonical/oracle virtualbox
- version/oracle virtualbox/4.0
- version/oracle virtualbox/4.1.0
- version/oracle virtualbox/4.2.0