CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 0CVE-2019-7165 – Ubuntu Security Notice USN-5356-1
https://notcve.org/view.php?id=CVE-2019-7165
03 Jul 2019 — A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code. Un desbordamiento de búfer en DOSBox versión 0.74-2 permite a los atacantes ejecutar código arbitrario. An update that fixes two vulnerabilities is now available. This update for dosbox fixes the following issues. Fixed that a very long line inside a bat file would overflow the parsing buffer. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00047.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 28%CPEs: 4EXPL: 1CVE-2019-12594 – Ubuntu Security Notice USN-5356-1
https://notcve.org/view.php?id=CVE-2019-12594
02 Jul 2019 — DOSBox 0.74-2 has Incorrect Access Control. DOSBox 0.74-2 tiene control de acceso incorrecto. An update that fixes two vulnerabilities is now available. This update for dosbox fixes the following issues. Fixed that a very long line inside a bat file would overflow the parsing buffer. • https://github.com/Alexandre-Bartel/CVE-2019-12594 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6328
https://notcve.org/view.php?id=CVE-2007-6328
13 Dec 2007 — DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is not a security problem ** IMPUGNADA ** DOSBox 0.72 y anteriores permite a usuarios locales obtener acceso al sistema de ficheros del sistema operativo de la máquina mediante el comando mount. NOTA: el investigador aporta una respuesta del fabricante afirmando que este no es un problema de seguridad. • http://aluigi.org/poc/dosboxxx.zip •