CVE-2016-0602

Priority
Description
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 5.0.14 allows local users to affect
confidentiality, integrity, and availability via unknown vectors related to
Windows Installer. NOTE: the previous information is from the January 2016
CPU. Oracle has not commented on third-party claims that this is an
untrusted search path issue that allows local users to gain privileges via
a Trojan horse dll in the "application directory."
Notes
sbeattiewindows installer, 5.0.x only
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [5.0 + windows only])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (5.0.14-dfsg-1)
More Information

Updated: 2019-12-05 18:43:36 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)