CVE-2007-6328

Publication date 13 December 2007

Last updated 4 August 2025

Ubuntu priority

Description

DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is not a security problem

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
dosbox	9.10 karmic	Ignored
	9.04 jaunty	Ignored
	8.10 intrepid	Ignored
	8.04 LTS hardy	Ignored
	7.10 gutsy	Ignored end of life, was needed
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

dosbox is not intended to be used as a security sandbox, and the mount command (and others) function as designed

mdeslaur

disputed, let's ignore this

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.securityfocus.com/archive/1/archive/1/484835/100/0/threaded
https://www.cve.org/CVERecord?id=CVE-2007-6328