PT-2014-3996 · Oracle+1 · Virtualbox+1

Published 2014-03-28 · Updated 2018-10-09 · CVE-2014-0983

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Oracle VirtualBox versions 4.2.x through 4.2.20
Oracle VirtualBox versions 4.3.x prior to 4.3.8

Description

Multiple array index errors in programs automatically generated by the VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py library in Oracle VirtualBox, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server via certain CR_MESSAGE_OPCODES messages with a crafted index. The issue is related to the handling of specific messages by various functions, including crServerDispatchVertexAttrib4NubARB, crServerDispatchVertexAttrib1dARB, crServerDispatchVertexAttrib1fARB, crServerDispatchVertexAttrib1sARB, crServerDispatchVertexAttrib2dARB, crServerDispatchVertexAttrib2fARB, crServerDispatchVertexAttrib2sARB, crServerDispatchVertexAttrib3dARB, crServerDispatchVertexAttrib3fARB, crServerDispatchVertexAttrib3sARB, crServerDispatchVertexAttrib4dARB, crServerDispatchVertexAttrib4fARB, and crServerDispatchVertexAttrib4sARB.

Recommendations

For Oracle VirtualBox versions 4.2.x through 4.2.20, update to a version later than 4.2.20. For Oracle VirtualBox versions 4.3.x prior to 4.3.8, update to version 4.3.8 or later. As a temporary workaround, consider disabling the 3D Acceleration feature until a patch is available.
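
The following is an added example, not part of the original advisory or of Oracle's code: a host audit that applies the affected ranges above to the string printed by `VBoxManage --version` and reads the `accelerate3d` key from `VBoxManage showvminfo <vm> --machinereadable` output. The function names and the sample VM data are constructed for illustration.

```python
import re

# Affected ranges as stated in this advisory: 4.2.x through 4.2.20, 4.3.x prior to 4.3.8.
# Maps branch -> first patch level that falls outside the affected range.
AFFECTED_BELOW = {(4, 2): 21, (4, 3): 8}


def parse_version(text):
    """Extract (major, minor, patch) from strings such as '4.3.6r91406' or '4.2.20_Ubuntu'."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised VirtualBox version: {text!r}")
    return tuple(int(g) for g in m.groups())


def is_affected(version_text):
    """True only for the 4.2.x and 4.3.x builds this advisory lists as vulnerable."""
    major, minor, patch = parse_version(version_text)
    limit = AFFECTED_BELOW.get((major, minor))
    return limit is not None and patch < limit


def accel3d_enabled(showvminfo_text):
    """Read accelerate3d from machine-readable showvminfo output; a missing key counts as off."""
    m = re.search(r'^accelerate3d="(on|off)"\s*$', showvminfo_text, re.MULTILINE)
    return bool(m) and m.group(1) == "on"


def audit(version_text, vm_infos):
    """Return the VMs exposed on this host: affected build AND 3D Acceleration on."""
    if not is_affected(version_text):
        return []
    return sorted(name for name, info in vm_infos.items() if accel3d_enabled(info))


# Constructed sample data (not captured from a real host).
SAMPLE_VMS = {
    "build-agent": 'name="build-agent"\nmemory=2048\naccelerate3d="on"\n',
    "db-test": 'name="db-test"\nmemory=4096\naccelerate3d="off"\n',
}

if __name__ == "__main__":
    for ver in ("4.3.6r91406", "4.3.8r92456", "4.2.20r90983"):
        state = "affected" if is_affected(ver) else "not affected"
        print(ver, state, audit(ver, SAMPLE_VMS))
```

For any VM the audit reports, the temporary workaround corresponds to `VBoxManage modifyvm <vm> --accelerate3d off` while the VM is powered off.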

Exploit

Fix

Weakness Enumeration

Related identifiers

ALT-PU-2014-2067
ALT-PU-2014-2068
ALT-PU-2014-2069
ALT-PU-2014-2070
CVE-2014-0983
DSA-2904-1
MGASA-2014-0184
MGASA-2014-0185

Affected products

Alt Linux
Virtualbox