CVE-2012-6711
published 2019-06-18CVE-2012-6711: A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bash | < bash 4.3-1 (bookworm) | bash 4.3-1 (bookworm) |
| gnu | bash | >= 0 < 4.3-1 | 4.3-1 |
| gnu | bash | >= 0 < 4.3-1 | 4.3-1 |
| gnu | bash | >= 0 < 4.3-1 | 4.3-1 |
| gnu | bash | >= 0 < 4.3-1 | 4.3-1 |
| gnu | bash | 4.2 – 4.3 | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH