My Oracle Support Banner

CVE-2014-3566 - Instructions to Mitigate the SSL v3.0 Vulnerability (aka "Poodle Attack") within Oracle VM VirtualBox (Doc ID 1962878.1)

Last updated on JANUARY 21, 2015

Applies to:

Oracle VM VirtualBox - Version 4.1 to 4.3 [Release 4.0]
Information in this document applies to any platform.


This document provides instructions to mitigate the SSL v3.0 security vulnerability described within CVE-2014-3566 in Oracle's VirtualBox product.

Please see Oracle's official statement on CVE-2014-3566 on the security blog, for information on other products and components within Oracle's product portfolio.


The advice outlined below is specific to Oracle VM VirtualBox (VBox) products, and appropriate for all supported maintenance releases of VirtualBox.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Recommended Solutions
 Oracle Security Policy

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.