Guest virtual machine vulnerabilities

The vulnerabilities listed here are likely to be out of date as they have been remediated by the respective vendors. The following are a few guest operating system vulnerabilities at the time of writing this book.

The following vulnerability is one of an ever increasing number of vulnerabilities from Adobe, Adobe Reader, and Acrobat listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-5325

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute an arbitrary JavaScript code in a JavaScript: URL via a crafted PDF document.

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 9.3 (high) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 8.6

CVSS Version 2 metrics:

Access vector: Network exploitable; Victim must voluntarily interact with the attack mechanism

Access complexity: Medium

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

The following vulnerability is for a kernel-mode driver in Windows 7, listed in the National Vulnerability Database (http://nvd.nist.gov):

Note

National Cyber Awareness System

Vulnerability summary for CVE-2013-3881

Original release date: 10/09/2013

Last revised: 11/03/2013

Source: US-CERT/NIST

Overview

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allow local users to gain privileges via a crafted application, also known as "Win32k NULL Page Vulnerability."

Impact

CVSS severity (Version 2.0):

CVSS v2 base score: 7.2 (HIGH) (AV:L/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact subscore: 10.0

Exploitability subscore: 3.9

CVSS Version 2 metrics:

Access vector: Locally exploitable

Access complexity: Low

Authentication: Not required to exploit

Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service

Any vulnerability found in a standalone desktop machine might have applicability in a virtualized environment. In fact, an infected Windows desktop, for example, has the opportunity to do more damage in a virtualized environment than if it were a standalone machine. If a virtualized environment was not configured correctly, a runaway desktop machine could take resources away from other virtual machines on the same host, impacting the performance of many as opposed to a single machine.