VIR Vulnerability Intelligence Relay

CVE-2014-6595

low
Published 2015-01-21 · Modified 2026-05-06
CVSS v3
CVSS v2
3.2
VIR risk
3.2

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2015-0427.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-6595

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

OS impact
OSVersionStatusFixed in
suse suse13.1affected
suse suse13.2affected
debian debiansidfixed4.3.18-dfsg-2

Application impact
VendorProductVersionsFixed
oracle oraclevm_virtualbox{"endIncluding":"4.3.18"}

References

Verify integrity in audit chain (admin only). AS-IS.