- EPSS 90.11%
- Published 25.09.2014 01:55:04
- Last modified 12.04.2025 10:46:40
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...
- EPSS 94.22%
- Published 24.09.2014 18:48:04
- Last modified 12.04.2025 10:46:40
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...
- EPSS 6.62%
- Published 05.06.2014 20:55:06
- Last modified 12.04.2025 10:46:40
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
CVE-2014-3468
- EPSS 6.27%
- Published 05.06.2014 20:55:06
- Last modified 12.04.2025 10:46:40
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.