CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3923

The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
http://www.securityfocus.com/bid/36917
https://exchange.xforce.ibmcloud.com/vulnerabilities/54136
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
http://www.securityfocus.com/bid/36917
https://exchange.xforce.ibmcloud.com/vulnerabilities/54136

Products affected by CVE-2009-3923

Sun » Virtual Desktop Infrastructure » Version: 3.0

cpe:2.3:a:sun:virtual_desktop_infrastructure:3.0
Sun » Virtualbox » Version: 2.0.10

cpe:2.3:a:sun:virtualbox:2.0.10
Sun » Virtualbox » Version: 2.0.8

cpe:2.3:a:sun:virtualbox:2.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3923

Products

Pricing

Contact Us