CVE-2014-7187

EXPLOITED

GNU Bash <4.3 - DoS

Title source: llm

Description

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

Exploits (2)

exploitdb WORKING POC VERIFIED
by fdiskyou · python · remote · linux
https://www.exploit-db.com/exploits/36933
exploitdb WORKING POC
python · remote · linux
https://www.exploit-db.com/exploits/34860

References (123)

... and 103 more

Scores

EPSS 0.8986
EPSS Percentile 99.6%

Details

VulnCheck KEV 2018-03-01
CWE CWE-119
Status published
Products (25)
gnu/bash 1.14.0
gnu/bash 1.14.1
gnu/bash 1.14.2
gnu/bash 1.14.3
gnu/bash 1.14.4
gnu/bash 1.14.5
gnu/bash 1.14.6
gnu/bash 1.14.7
gnu/bash 2.0
gnu/bash 2.01
... and 15 more
Published Sep 28, 2014
Tracked Since Feb 18, 2026