USN-5356-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-5356-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5356-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5356-1

Related

Published

2022-03-30T15:47:44.635502Z

Modified

2022-03-30T15:47:44.635502Z

Summary

dosbox vulnerabilities

Details

Alexandre Bartel discovered that DOSBox incorrectly handled long lines in certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-7165)

Alexandre Bartel discovered that DOSBox incorrectly performed access control over certain directories. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-12594)

References

Affected packages

Ubuntu:18.04:LTS / dosbox

Package

Name: dosbox
Purl: pkg:deb/ubuntu/dosbox@0.74-4.3ubuntu0.1?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.74-4.3ubuntu0.1

Affected versions

0.*

0.74-4.2build1

0.74-4.3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "0.74-4.3ubuntu0.1",
            "binary_name": "dosbox"
        },
        {
            "binary_version": "0.74-4.3ubuntu0.1",
            "binary_name": "dosbox-dbgsym"
        }
    ]
}