Guest virtual machine vulnerabilities
The vulnerabilities listed here are likely to be out of date, as the respective vendors have since remediated them. The following are a few guest operating system vulnerabilities that were current at the time of writing this book.
The following vulnerability is one of an ever-increasing number of Adobe vulnerabilities, in this case affecting Adobe Reader and Acrobat, listed in the National Vulnerability Database (http://nvd.nist.gov):
Note
National Cyber Awareness System
Vulnerability summary for CVE-2013-5325
Original release date: 10/09/2013
Last revised: 11/03/2013
Source: US-CERT/NIST
Overview
Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.
Impact
CVSS severity (Version 2.0):
CVSS v2 base score: 9.3 (high) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Impact subscore: 10.0
Exploitability subscore: 8.6
CVSS Version 2 metrics:
Access vector: Network exploitable; Victim must voluntarily interact with the attack mechanism
Access complexity: Medium
Authentication: Not required to exploit
Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service
The following vulnerability is for a kernel-mode driver in Windows 7, listed in the National Vulnerability Database (http://nvd.nist.gov):
Note
National Cyber Awareness System
Vulnerability summary for CVE-2013-3881
Original release date: 10/09/2013
Last revised: 11/03/2013
Source: US-CERT/NIST
Overview
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, also known as "Win32k NULL Page Vulnerability."
Impact
CVSS severity (Version 2.0):
CVSS v2 base score: 7.2 (HIGH) (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Impact subscore: 10.0
Exploitability subscore: 3.9
CVSS Version 2 metrics:
Access vector: Locally exploitable
Access complexity: Low
Authentication: Not required to exploit
Impact type: This allows the unauthorized disclosure of information, unauthorized modification, and the disruption of service
Any vulnerability found in a standalone desktop machine might have applicability in a virtualized environment. In fact, an infected Windows desktop, for example, has the opportunity to do more damage in a virtualized environment than if it were a standalone machine. If a virtualized environment is not configured correctly, a runaway desktop machine could take resources away from other virtual machines on the same host, impacting the performance of many machines rather than a single one.