Multiple memory corruption vulnerabilities have been found in the code that implements 3D Acceleration for OpenGL graphics in Oracle VirtualBox. These vulnerabilities could allow an attacker who is already running code within a Guest OS to escape from the virtual machine and execute arbitrary code on the Host OS. The code that handles OpenGL rendering commands on the Host side is prone to multiple memory corruption vulnerabilities.
Read the full advisory here – http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities