Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
gptkb:GNU_Bash
|
| gptkbp:allows |
remote code execution
arbitrary code execution |
| gptkbp:alsoKnownAs |
gptkb:Shellshock
|
| gptkbp:describes |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment.
|
| gptkbp:discoveredIn |
2014
|
| gptkbp:exploits |
yes
|
| gptkbp:fixes |
Bash 4.3 patch 27
|
| gptkbp:hasCVEID |
gptkb:CVE-2014-7169
|
| gptkbp:hasCVSSScore |
10.0
|
| gptkbp:hasCWE |
gptkb:CWE-78
|
| gptkbp:hasSeverity |
high
|
| gptkbp:hasVersion |
Bash 1.14 through 4.3
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-7169
|
| gptkbp:partOf |
Shellshock vulnerabilities
|
| gptkbp:publishedIn |
2014-09-24
|
| gptkbp:bfsParent |
gptkb:Shellshock_(2014)
|
| gptkbp:bfsLayer |
6
|