vulnerability

Oracle VirtualBox: CVE-2016-0602: Vulnerability in Oracle VirtualBox

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:H/Au:N/C:C/I:C/A:C)	Jan 21, 2016	Jul 17, 2025	Nov 14, 2025

Severity

CVSS

(AV:L/AC:H/Au:N/C:C/I:C/A:C)

Published

Jan 21, 2016

Added

Jul 17, 2025

Modified

Nov 14, 2025

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Installer. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the "application directory."

Solution

oracle-virtualbox-upgrade-latest

References

CVE-2016-0602
https://attackerkb.com/topics/CVE-2016-0602
URL-http://seclists.org/fulldisclosure/2016/Feb/54
URL-http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
URL-http://www.securityfocus.com/archive/1/537462/100/0/threaded
URL-http://www.securitytracker.com/id/1034731

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today