CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-3923

HIGH
7.5
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile31.17th
Published2009年11月10日
Last Modified2026年4月23日

Vulnerability Description

The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.

Affected Platforms (CPE)

📦
Sun

Virtual Desktop Infrastructure

= 3.0
📦
Sun

Virtualbox

= 2.0.8
📦
Sun

Virtualbox

= 2.0.10

References & Advisories

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
🔗 http://www.securityfocus.com/bid/36917
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/54136
🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1
🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
🔗 http://www.securityfocus.com/bid/36917
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/54136

関連する脆弱性情報

CVE-2011-35713.6

Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authent...

CVE-2009-28563.5

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to es...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...