CVE-2018-25220 in BOCHS
摘要 (英语)
Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented programming chain to overwrite the instruction pointer and execute shell commands with application privileges.
负责
VulnCheck
预定
2026-03-28
披露
2026-03-28
条目
| 已发布 | 基础 | 临时 | 漏洞 | CWE | 产品 | 可利用 | 对策 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026-03-28 | 8.5 | 8.2 | BOCHS 内存损坏 | 787 | 未知 | 概念验证 | 未定义 | 0.00080 | 0.78 | CVE-2018-25220 |