CVE-2008-3431

Oracle VirtualBox Insufficient Input Validation Vulnerability

An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code. Vendor/Product: Oracle VirtualBox. Added to CISA KEV 2022-03-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2008-3431