U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2015-4896

Change History

Modified Analysis 2/12/2019 1:42:28 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (including) 4.0.34
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (including) 4.1.42
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (including) 4.2.34
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (including) 4.3.32
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions up to (including) 5.0.8
OR
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (excluding) 4.0.34
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from (including) 4.1.0 up to (excluding) 4.1.42
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from (including) 4.2.0 up to (excluding) 4.2.34
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from (including) 4.3.0 up to (excluding) 4.3.32
     *cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from (including) 5.0.0 up to (excluding) 5.0.8
Changed Evaluator Description
Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html">LINK</a>:  Only VMs with Remote Display feature (RDP) enabled are impacted by CVE-2015-4896.
Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" rel="nofollow">LINK</a>:  Only VMs with Remote Display feature (RDP) enabled are impacted by CVE-2015-4896.
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2015-11/msg00000.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2015-11/msg00000.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2015-11/msg00172.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2015-11/msg00172.html Mailing List, Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2015/dsa-3384 No Types Assigned
http://www.debian.org/security/2015/dsa-3384 Mailing List, Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/77198 No Types Assigned
http://www.securityfocus.com/bid/77198 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1033880 No Types Assigned
http://www.securitytracker.com/id/1033880 Third Party Advisory, VDB Entry