Skip to main content
CVE-2014-7187 CRITICAL POC THREAT Emergency

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.9%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
89.9%
Threat
6.2
CVE-2014-7186 CRITICAL POC THREAT Emergency

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.3%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
89.3%
Threat
6.2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy