CVE-2014-7187 (retired)

Priority
Description
Off-by-one error in the read_token_word function in parse.y in GNU Bash
through 4.3 bash43-026 allows remote attackers to cause a denial of service
(out-of-bounds array access and application crash) or possibly have
unspecified other impact via deeply nested for loops, aka the "word_lineno"
issue.
Package
Source: bash (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.3-7ubuntu1.4)
More Information

Updated: 2019-03-26 12:13:33 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)