Oracle VirtualBox VBoxSF.sys IOCTL_MRX_VBOX_DELCONN Privilege Escalation Exploit

The VBoxSF.sys driver is a component of VirtualBox Guest Additions, which is in charge of providing the 'Shared Folders' feature offered by Oracle VirtualBox. This driver doesn't properly validate a pointer when handling the IOCTL_MRX_VBOX_DELCONN IoControl. This allows an unprivileged user in a Windows Guest OS with VirtualBox Guest Additions installed to gain SYSTEM privileges within the Guest OS.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2014-0405
Product Version: 
2014_R1
Released Date: 
Friday, April 4, 2014 - 00:00