CVE-2019-12594

CRITICAL

DOSBox 0.74-2 - DoS

Title source: llm

Description

DOSBox 0.74-2 has Incorrect Access Control.

Exploits (1)

nomisec WORKING POC 13 stars

by Alexandre-Bartel · poc

https://github.com/Alexandre-Bartel/CVE-2019-12594

View Code ZIP pw:eip

References (9)

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00047.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00053.html

[Mailing List, Third Party Advisory] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931222

[Mailing List] https://lists.debian.org/debian-lts-announce/2019/07/msg00004.html

[Mailing List] https://seclists.org/bugtraq/2019/Jul/14

[Third Party Advisory] https://security-tracker.debian.org/tracker/CVE-2019-12594

[Vendor Advisory] https://www.dosbox.com/crew.php

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYV27Z3QZTDHUZJLW3LDJYO7HBVIMJ5F/

[Third Party Advisory] https://www.debian.org/security/2019/dsa-4478

Scores

CVSS v3 9.8

EPSS 0.2768

EPSS Percentile 96.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (4)

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

dosbox/dosbox 0.74-2

Published Jul 02, 2019

Tracked Since Feb 18, 2026