CVE-2004-0015

Name of the Vulnerable Software and Affected Versions vbox3 versions 0.1.8 and earlier

Description The issue allows local users to gain privileges due to improper privilege dropping before executing a user-provided TCL script. Additionally, multiple vulnerabilities in the vbox3 package may lead to breaches of confidentiality, integrity, and availability of protected information, potentially exploitable by local attackers.

Recommendations For versions 0.1.8 and earlier, consider disabling the execution of user-provided TCL scripts until a proper fix is applied to ensure privilege dropping. At the moment, there is no information about a newer version that contains a fix for this vulnerability.