CVE-2014-7817

2014-11-24T10:59:01
ID CVE-2014-7817
Type cve
Reporter NVD
Modified 2018-01-18T13:18:01

Description

The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((...))".