CVE-2015-4896 Common Vulnerabilities and Exposures

Upstream information

CVE-2015-4896 at MITRE

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores
CVSS detail	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entry: 951432 [RESOLVED / FIXED]

SUSE Security Advisories:

openSUSE-SU-2015:1855-1 openSUSE-SU-2015:2154-1

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Leap 15.0	`virtualbox-guest-kmp-default >= 5.2.10_k4.12.14_lp150.11-lp150.3.6` `virtualbox-guest-tools >= 5.2.10-lp150.3.6` `virtualbox-guest-x11 >= 5.2.10-lp150.3.6`	Patchnames: openSUSE Leap 15.0 GA virtualbox-guest-kmp-default-5.2.10_k4.12.14_lp150.11-lp150.3.6
openSUSE Leap 15.3	`virtualbox-guest-tools >= 6.1.20-lp153.1.8` `virtualbox-guest-x11 >= 6.1.20-lp153.1.8` `virtualbox-kmp-default >= 6.1.20_k5.3.18_57-lp153.1.2`	Patchnames: openSUSE Leap 15.3 GA virtualbox-guest-tools-6.1.20-lp153.1.8
openSUSE Leap 15.4	`virtualbox-guest-tools >= 6.1.32-lp154.1.83` `virtualbox-guest-x11 >= 6.1.32-lp154.1.83` `virtualbox-kmp-default >= 6.1.32_k5.14.21_150400.22-lp154.1.67`	Patchnames: openSUSE Leap 15.4 GA virtualbox-guest-tools-6.1.32-lp154.1.83
openSUSE Tumbleweed	`python-virtualbox >= 5.1.10-2.5` `virtualbox >= 5.1.10-2.5` `virtualbox-devel >= 5.1.10-2.5` `virtualbox-guest-desktop-icons >= 5.1.10-2.5` `virtualbox-guest-kmp-default >= 5.1.10_k4.8.13_1-2.5` `virtualbox-guest-kmp-pae >= 5.1.10_k4.8.13_1-2.5` `virtualbox-guest-tools >= 5.1.10-2.5` `virtualbox-guest-x11 >= 5.1.10-2.5` `virtualbox-host-kmp-default >= 5.1.10_k4.8.13_1-2.5` `virtualbox-host-kmp-pae >= 5.1.10_k4.8.13_1-2.5` `virtualbox-host-source >= 5.1.10-2.5` `virtualbox-qt >= 5.1.10-2.5` `virtualbox-websrv >= 5.1.10-2.5`	Patchnames: openSUSE-Tumbleweed-2024-10020

SUSE Timeline for this CVE

CVE page created: Wed Oct 21 17:37:28 2015
CVE page last modified: Mon Oct 6 18:23:04 2025