← back
CVE-2014-2477

CVE-2014-2477

38Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 7.2%
from disclosure to weapon27 days
Published on NVDJul 17
1st PoC+27d
metasploitJul 15
exploitation probability
7.2%top 6% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.