Vulnerabilities

CVE-2014-7187

by Fred · 28/09/2014

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

Date published : 2014-09-28

http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

Similar

Tags: Cybersecurity Alert