Vulnerability Details CVE-2010-3584
Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the storage of passwords and password hashes in cleartext in files with insecure permissions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
- http://www.securityfocus.com/archive/1/514612/100/0/threaded
- http://www.us-cert.gov/cas/techalerts/TA10-287A.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
- http://www.securityfocus.com/archive/1/514612/100/0/threaded
- http://www.us-cert.gov/cas/techalerts/TA10-287A.html