Statements (19)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:security
|
gptkbp:affects |
gptkb:GNU_Bash
|
gptkbp:allows |
remote code execution
arbitrary code execution |
gptkbp:alsoKnownAs |
gptkb:Shellshock
|
gptkbp:describes |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment.
|
gptkbp:discoveredIn |
2014
|
gptkbp:exploits |
yes
|
gptkbp:fixes |
Bash 4.3 patch 27
|
gptkbp:hasCVEID |
gptkb:CVE-2014-7169
|
gptkbp:hasCVSSScore |
10.0
|
gptkbp:hasCWE |
gptkb:CWE-78
|
gptkbp:hasSeverity |
high
|
gptkbp:hasVersion |
Bash 1.14 through 4.3
|
https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-7169
|
gptkbp:partOf |
Shellshock vulnerabilities
|
gptkbp:publishedIn |
2014-09-24
|
gptkbp:bfsParent |
gptkb:Shellshock_(2014)
|
gptkbp:bfsLayer |
6
|