CVE-2019-7165

9.8 CRITICAL

📋 TL;DR

CVE-2019-7165 is a critical buffer overflow in DOSBox 0.74-2. A specially crafted DOS executable or other file that the emulator processes can overrun a buffer inside DOSBox and execute arbitrary code on the host, with the privileges of the user running DOSBox. Anyone running the affected version is exposed, above all users who run DOS applications or games obtained from untrusted sources. The root cause is missing bounds checking on emulator input.

💻 Affected Systems

Products:
  • DOSBox
Versions: 0.74-2
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of DOSBox 0.74-2 are vulnerable regardless of configuration.

📦 What is this software?

DOSBox is an open-source x86 PC and DOS emulator used to run legacy DOS applications and games on modern operating systems; the vulnerable code is the emulator itself, so whatever it loads runs through the flawed input handling.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary code execution that escapes the emulated DOS environment onto the host. If DOSBox runs as root or Administrator, or the victim's account holds broad access, this means complete compromise of the system where DOSBox is running.

🟠

Likely Case

Arbitrary code execution in the context of the user running DOSBox, triggered when that user opens a malicious DOS application, game or other crafted input inside the emulator. On its own the bug does not escalate privileges; it hands the attacker whatever access that user already has.

🟢

If Mitigated

Limited impact when DOSBox runs as an unprivileged user inside a sandbox, container or virtual machine that holds nothing sensitive: an escape from the emulator is contained in that environment rather than reaching the host.

🌐 Internet-Facing: LOW - DOSBox is typically not exposed to internet-facing services.
🏢 Internal Only: MEDIUM - Risk exists when running untrusted DOS applications or games from internal sources.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Buffer overflows in emulators are generally straightforward to turn into code execution. Note that exploitation is local: the victim has to run the crafted DOS executable or file inside DOSBox, so the realistic delivery is a trojanized game or utility download rather than a network attack.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.74-3 and later

Vendor Advisory: https://www.dosbox.com/

Restart Required: Yes (restart any running DOSBox instances; no operating-system reboot is needed)

Instructions:

1. Obtain DOSBox 0.74-3 or later from the official website, or the updated package from your operating system's package manager.
2. Uninstall the vulnerable 0.74-2 build.
3. Install the patched version.
4. Close and restart any DOSBox instances that were running, then confirm the version (see How to Verify below).

🔧 Temporary Workarounds

Run with reduced privileges (all platforms)

Run DOSBox as an ordinary, non-administrative user so that code executing from a crafted DOS program gets only that user's access; never run it as root or Administrator.

Use container isolation (all platforms)

Run DOSBox in a container or virtual machine that holds nothing sensitive, so that an escape from the emulator stays inside that environment rather than reaching the host.

🧯 If You Can't Patch

  • Discontinue use of DOSBox until the patched version can be installed
  • Only run DOS applications and disk images obtained from sources you trust; the vulnerability is triggered by the content DOSBox loads, not by anything an outside party can send to it

🔍 How to Verify

Check if Vulnerable:

Check the DOSBox version. On Linux, macOS and BSD: run dosbox --version and look for 0.74-2 (any version below 0.74-3 is unpatched). On Windows: the version is shown in the DOSBox window title bar (for example "DOSBox 0.74-2, CPU speed: ...") and in the welcome banner printed in the DOSBox console at startup.

Check Version:

dosbox --version

Verify Fix Applied:

Verify version is 0.74-3 or higher: dosbox --version
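The version check above as a script, added here as an example (it is not part of the original page or of the DOSBox project). It assumes the banner format "DOSBox version X.Y-Z, copyright ..." that dosbox --version prints, treats a version with no -Z revision as revision 0, and classifies anything below 0.74-3 as vulnerable; the banner strings used in the self-check at the bottom are constructed.

```shell
#!/bin/sh
# Added example: decide whether an installed DOSBox is below the 0.74-3 fix
# version for CVE-2019-7165. Not from the page or the DOSBox project.
# Assumption: the banner looks like "DOSBox version 0.74-2, copyright ...".

FIXED_VERSION="0.74-3"

# Map "MAJOR.MINOR[-REV]" to one integer so versions compare numerically:
# "0.74-2" -> 74002, "0.74-3" -> 74003, "0.74" -> 74000 (missing REV = 0).
version_key() {
    ver="$1"
    base="${ver%%-*}"                 # "0.74"
    case "$ver" in
        *-*) rev="${ver##*-}" ;;      # "2"
        *)   rev=0 ;;
    esac
    major="${base%%.*}"
    minor="${base#*.}"
    echo $(( major * 1000000 + minor * 1000 + rev ))
}

# Pull the version token out of banner text on stdin:
# "DOSBox version 0.74-2, copyright 2002-2010 DOSBox Team." -> "0.74-2"
extract_version() {
    sed -n 's/.*DOSBox version \([0-9][0-9]*\.[0-9][0-9]*\(-[0-9][0-9]*\)*\).*/\1/p' | head -n 1
}

# Exit status 0 when the given version string is older than 0.74-3.
is_vulnerable() {
    [ "$(version_key "$1")" -lt "$(version_key "$FIXED_VERSION")" ]
}

# Classify a banner string: prints "vulnerable", "patched" or "unknown".
classify_banner() {
    ver=$(printf '%s\n' "$1" | extract_version)
    if [ -z "$ver" ]; then
        echo unknown
    elif is_vulnerable "$ver"; then
        echo vulnerable
    else
        echo patched
    fi
}

# Run against the dosbox on PATH. Exit 1 = vulnerable, 0 = patched, 2 = undetermined.
check_installed_dosbox() {
    if ! command -v dosbox >/dev/null 2>&1; then
        echo "dosbox not found on PATH" >&2
        return 2
    fi
    banner=$(dosbox --version 2>&1)
    verdict=$(classify_banner "$banner")
    echo "DOSBox $(printf '%s\n' "$banner" | extract_version): $verdict"
    case "$verdict" in
        vulnerable) return 1 ;;
        patched)    return 0 ;;
        *)          return 2 ;;
    esac
}

# Self-check on constructed banners (these are not real command output).
classify_banner 'DOSBox version 0.74-2, copyright 2002-2010 DOSBox Team.'   # vulnerable
classify_banner 'DOSBox version 0.74-3, copyright 2002-2019 DOSBox Team.'   # patched

# Pass --run to check the real installation instead of the constructed banners.
if [ "${1:-}" = "--run" ]; then
    check_installed_dosbox
fi
```

Run it with --run on each host where DOSBox is installed; the exit status makes it usable from a fleet-wide inventory job. On Windows the DOSBox binary may not print to the console, so fall back to the title bar or startup banner described above.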

📡 Detection & Monitoring

Log Indicators:

  • Crash logs from DOSBox
  • Unexpected termination of the dosbox process while a DOS program is running
  • Memory access violation errors (Windows Application log Event ID 1000 from source "Application Error" naming dosbox.exe as the faulting application; segmentation faults in system logs on Linux/BSD)
  • Caveat: a crash indicates a failed or unstable exploit attempt; a successful exploit may leave no crash at all, so also watch for behaviour DOSBox has no reason to show, such as spawning child processes

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Windows Application log: (EventID:1000 AND Source:"Application Error" AND Message:"Faulting application name: dosbox.exe") OR (EventID:1001 AND Source:"Windows Error Reporting" AND Message:"dosbox.exe"). Group the clauses explicitly; an unparenthesised "AND ... OR ..." will match every Application Error event, not just DOSBox crashes.
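The same triage logic run over exported event-log lines, added here as an example that is not part of the original page. It assumes a one-event-per-line CSV export of the form timestamp,source,event-id,message (the sample lines below are constructed, including the dosbox.exe file version and exception codes) and pulls out the exception code and faulting module for each Event ID 1000 that names dosbox.exe.

```shell
#!/bin/sh
# Added example: filter Windows Application-log exports for dosbox.exe crashes
# (Event ID 1000, source "Application Error"). Not from the page or the project.
# Assumption: lines are "timestamp,source,eventid,message"; the message itself
# may contain further commas, so only the first three fields are split on.

# Constructed sample events (not real log data).
SAMPLE_EVENTS='2019-06-01T10:00:00Z,Application Error,1000,Faulting application name: dosbox.exe, version: 0.74.2.0, Faulting module name: dosbox.exe, Exception code: 0xc0000005
2019-06-01T10:00:05Z,Windows Error Reporting,1001,Fault bucket 1234, type 4 Event Name: APPCRASH Response: Not available P1: dosbox.exe
2019-06-01T10:03:00Z,Application Error,1000,Faulting application name: notepad.exe, version: 10.0.0.0, Faulting module name: ntdll.dll, Exception code: 0xc0000374
2019-06-01T10:05:00Z,Application Error,1000,Faulting application name: dosbox.exe, version: 0.74.2.0, Faulting module name: dosbox.exe, Exception code: 0xc000001d'

# Read events on stdin; print "timestamp|exception code|faulting module" for
# every Event ID 1000 whose faulting application is dosbox.exe.
dosbox_crash_events() {
    awk -F',' '
        $3 == "1000" && $0 ~ /Faulting application name: dosbox\.exe/ {
            code = ""; mod = ""
            # "Exception code: " is 16 characters, "Faulting module name: " is 22.
            if (match($0, /Exception code: 0x[0-9a-fA-F]+/))
                code = substr($0, RSTART + 16, RLENGTH - 16)
            if (match($0, /Faulting module name: [^,]+/))
                mod = substr($0, RSTART + 22, RLENGTH - 22)
            print $1 "|" code "|" mod
        }'
}

# Number of matching crash events on stdin (whitespace stripped for portability).
count_dosbox_crashes() {
    dosbox_crash_events | wc -l | tr -d ' '
}

# Demonstration on the constructed sample: two dosbox.exe crashes, one with the
# access-violation code 0xc0000005 typical of memory corruption.
printf '%s\n' "$SAMPLE_EVENTS" | dosbox_crash_events
```

Feed it a real export (for example the CSV produced by wevtutil or Get-WinEvent after conversion) instead of SAMPLE_EVENTS; exception code 0xc0000005 (access violation) and 0xc000001d (illegal instruction) in dosbox.exe itself are the entries worth escalating, since a crash in the emulator's own module while a DOS program is loaded matches the page's description of the bug.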

🔗 References
