18 Jui 2019
Vulnérabilité CVE-2012-6711 CVE Vulnerability
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv(). (CVSS:0.0) (Last Update:2019-06-18)
Vulnerability Details : A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv(). Publish Date : 2019-06-18 Last Update Date : 2019-06-18 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2012-6711
- References For CVE-2012-6711
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2012-6711There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |