Off-by-one Error in GNU Bash Leading to Denial of Service
CVE-2014-7187

Currently unrated

Key Information:

Vendor

Gnu
Status
Bash
Vendor
CVE Published:
28 September 2014

What is CVE-2014-7187?

A vulnerability exists in GNU Bash due to an off-by-one error in the read_token_word function found in parse.y. This flaw allows attackers to trigger a denial of service condition by exploiting deeply nested for loops, potentially leading to out-of-bounds array access and application crashes. The vulnerability highlights significant security risks associated with inadequate input validation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/128517/VMware-Securi...
x_refsource_MISC
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
x_refsource_CONFIRM

EPSS Score

91% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.