Oracle VirtualBox Guest Additions Arbitrary Write Local Privilege Escalation Exploit

The Oracle VirtualBox Guest Additions Driver (VBoxGuest.sys) present in Oracle VirtualBox is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL (0x22A040) to the vulnerable driver within the Windows Guest OS.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
Released Date: 
Friday, August 22, 2014 - 00:00