{"id":"CVE-2004-2372","details":"Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path.  NOTE: some external documents recommend that Bochs be installed setuid root, so this should be treated as a vulnerability.","modified":"2026-04-10T03:36:44.106478Z","published":"2004-12-31T05:00:00Z","references":[{"type":"ADVISORY","url":"http://securitytracker.com/id?1009219"},{"type":"ADVISORY","url":"http://www.securiteam.com/unixfocus/5XP0L1FC0M.html"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15309"},{"type":"EVIDENCE","url":"http://www.securiteam.com/unixfocus/5XP0L1FC0M.html"},{"type":"FIX","url":"http://securitytracker.com/id?1009219"},{"type":"FIX","url":"http://sourceforge.net/project/shownotes.php?release_id=215733"},{"type":"FIX","url":"http://www.securiteam.com/unixfocus/5XP0L1FC0M.html"}],"schema_version":"1.7.5"}