Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-7187

Опубликовано: 28 сент. 2014
Источник: ubuntu
Приоритет: medium
EPSS Критический
CVSS2: 10

Описание

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

РелизСтатусПримечание
devel

released

4.3-9ubuntu4
esm-infra-legacy/trusty

not-affected

4.3-7ubuntu1.4
lucid

released

4.1-2ubuntu3.4
precise

released

4.2-2ubuntu2.5
trusty

released

4.3-7ubuntu1.4
trusty/esm

not-affected

4.3-7ubuntu1.4
upstream

needs-triage

Показывать по

EPSS

Процентиль: 100%
0.90099
Критический

10 Critical

CVSS2

Связанные уязвимости

redhat
почти 11 лет назад

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

nvd
почти 11 лет назад

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

debian
почти 11 лет назад

Off-by-one error in the read_token_word function in parse.y in GNU Bas ...

github
около 3 лет назад

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

fstec
почти 11 лет назад

Уязвимость интерпретатора командной строки GNU Bash, позволяющая злоумышленнику вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 100%
0.90099
Критический

10 Critical

CVSS2