Denial of Service Vulnerability in GNU Bash Affecting Multiple Versions
CVE-2014-7186

Currently unrated

Key Information:

Vendor

Gnu
Status
Bash
Vendor
CVE Published:
28 September 2014

What is CVE-2014-7186?

The vulnerability in GNU Bash allows remote attackers to exploit the redirection implementation within here documents, leading to out-of-bounds array access. This results in a denial of service as the application may crash due to improper handling of these crafted inputs. The issue is prevalent in Bash versions up to 4.3, primarily impacting systems reliant on this widely used shell.

References

http://packetstormsecurity.com/files/128517/VMware-Securi...
x_refsource_MISC
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
x_refsource_CONFIRM

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2014-7186 : Denial of Service Vulnerability in GNU Bash Affecting Multiple Versions