Lucene search
Ubuntu.comUB:CVE-2007-6328HistoryDec 13, 2007 - 12:00 a.m.
CVE-2007-6328
2007-12-1300:00:00
ubuntu.com
ubuntu.com
10
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
DISPUTED DOSBox 0.72 and earlier allows local users to obtain access
to the filesystem on the host operating system via the mount command.
NOTE: the researcher reports a vendor response stating that this is not a
security problem.
Notes
| Author | Note |
|---|---|
| jdstrand | dosbox is not intended to be used as a security sandbox, and the mount command (and others) function as designed |
| mdeslaur | disputed, let’s ignore this |
Related
debiancve
debiancve
CVE-2007-6328
2007-12-13 19:46:00
cvelist
cvelist
CVE-2007-6328
2007-12-13 19:00:00
nvd
nvd
CVE-2007-6328
2007-12-13 19:46:00
prion
prion
Command injection
2007-12-13 19:46:00
cve
cve
CVE-2007-6328
2007-12-13 19:46:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2007-6328