VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/
Vulnerability Details:
Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
Briefly describe the vulnerability in this case study and provide some background information on the incident.
The vulnerability is CVE-2017-5407, which is also known as Redirected from Oracle Virtualization, and was found by Kaspersky Lab researchers in 2018. The vulnerability affects different virtual machines running on an Oracle VM VirtualBox server, including Microsoft Windows and Linux VMs. If exploited, the hijacked website can launch the user's browser into a fake "Remote Desktop" access prompt that looks identical to the original login screen of their operating system, placing them at risk of phishing attacks or identity theft if they're not careful enough.
Under what circumstances would this exploit be most effective?
This attack can be used against any other system running on an Oracle VM VirtualBox server that is vulnerable to this exploit, but it would
CVE-2017-5318
VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0
Oracle Virtualization (OVM)
Oracle Virtualization is a software package that performs guest operating system (OS) virtualization. Oracle Virtualization provides a hypervisor which can run on the hardware of your choice, regardless of the host operating system.
Timeline
Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/20/2022 05:29:00 UTC