vulnerability
Oracle VirtualBox: CVE-2016-5611: Exposure of Sensitive Information to an Unauthorized Actor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Oct 25, 2016 | Jul 17, 2025 | Mar 25, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Oct 25, 2016
Added
Jul 17, 2025
Modified
Mar 25, 2026
Description
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.
Solution
oracle-virtualbox-upgrade-latest
References
- CWE-200
- CVE-2016-5611
- https://attackerkb.com/topics/CVE-2016-5611
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.securityfocus.com/bid/93744
- http://www.securitytracker.com/id/1037053
- https://security.gentoo.org/glsa/201612-27
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-6555
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.