VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). VU#110137 - CVE-2017-5407 (Redirected from ). VU#110137 - CVE-2017-5407 (Redirected from Oracle Virtualization ). Redirection occurs when an attacker with VRDP access to an Oracle VM VirtualBox server is able to convince a user to access a specially crafted web site. The attacker then injects a specially crafted URL that redirects the user to a malicious site. This can be used to inject a fake "Remote Desktop" access prompt. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/
Oracle Virtualization (OVM)
Oracle Virtualization is a virtualization software by Oracle Corporation. The product, which was first released in 2009, is designed to provide true server hardware-level virtualization with the power of hardware-assisted virtualization and features that include live migration and live storage migration.
Timeline
Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/20/2022 05:33:00 UTC