CVE-2014-7186
published 2014-09-28CVE-2014-7186: The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue.
Affected
50 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | os_x_el_capitan_v10.11 | — | — |
| apple | os_x_yosemite_v10.10.2_and_security_update_2015-001 | — | — |
| citrix | citrix_netscaler_adc | — | — |
| citrix | citrix_netscaler_sdx | — | — |
| citrix | citrix_xenapp | — | — |
| citrix | citrix_xendesktop | — | — |
| citrix | citrix_xenmobile | — | — |
| citrix | citrix_xenserver | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_sdx | — | — |
| citrix | sharefile | — | — |
| citrix | xenapp | — | — |
| citrix | xendesktop | — | — |
| citrix | xenmobile | — | — |
| citrix | xenserver | — | — |
| debian | bash | < bash 4.3-9.2 (bookworm) | bash 4.3-9.2 (bookworm) |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
| gnu | bash | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vulncheck10.0CRITICAL
cisa8.8HIGH