Denial of Service Vulnerability in GNU Bash Affecting Multiple Versions
CVE-2014-7186

Currently unrated

Key Information:

Vendor: Gnu
Status: Bash
Vendor: CVE Published:; 28 September 2014

Summary

The vulnerability in GNU Bash allows remote attackers to exploit the redirection implementation within here documents, leading to out-of-bounds array access. This results in a denial of service as the application may crash due to improper handling of these crafted inputs. The issue is prevalent in Bash versions up to 4.3, primarily impacting systems reliant on this widely used shell.

References

http://packetstormsecurity.com/files/128517/VMware-Securi...

x_refsource_MISC

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21685749

x_refsource_CONFIRM

EPSS Score

89% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 28, 2014
Vulnerability Reserved
Sep 25, 2014