- Jul 22, 2014
- 2,525
A Russian vulnerability researcher and exploit developer has published detailed information about a zero-day vulnerability in VirtualBox. His explanations include step-by-step instructions for exploiting the bug.
According to the initial details in the disclosure, the issue is present in a shared code base of the virtualization software, available on all supported operating systems.
Exploiting the vulnerability allows an attacker to escape the virtual environment of the guest machine and reach the Ring 3 privilege layer, used for running code from most user programs, with the least privileges.
Turning one "overflow" into another
...
...
According to the initial details in the disclosure, the issue is present in a shared code base of the virtualization software, available on all supported operating systems.
Exploiting the vulnerability allows an attacker to escape the virtual environment of the guest machine and reach the Ring 3 privilege layer, used for running code from most user programs, with the least privileges.
Turning one "overflow" into another
...
...