The host is installed with Oracle VirtualBox 4.2.x through 4.2.20 or 4.3.x before 4.3.8 and is prone to a multiple array index error vulnerabilities. The flaws are present in the application, which fails to properly handle certain CR_MESSAGE_OPCODES. Successful exploitation could allow attackers to execute arbitrary code on the Chromium server.