CVE-2014-7169

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects gptkb:GNU_Bash
gptkbp:allows remote code execution
arbitrary code execution
gptkbp:alsoKnownAs gptkb:Shellshock
gptkbp:describes GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment.
gptkbp:discoveredIn 2014
gptkbp:exploits yes
gptkbp:fixes Bash 4.3 patch 27
gptkbp:hasCVEID gptkb:CVE-2014-7169
gptkbp:hasCVSSScore 10.0
gptkbp:hasCWE gptkb:CWE-78
gptkbp:hasSeverity high
gptkbp:hasVersion Bash 1.14 through 4.3
https://www.w3.org/2000/01/rdf-schema#label CVE-2014-7169
gptkbp:partOf Shellshock vulnerabilities
gptkbp:publishedIn 2014-09-24
gptkbp:bfsParent gptkb:Shellshock_(2014)
gptkbp:bfsLayer 6