Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -g -O2 -Wno-parentheses -Wno-format-security
uname output: Linux VirtualBox 4.18.0-20-generic #21~18.04.1-Ubuntu SMP $
Machine Type: x86_64-pc-linux-gnu
Bash Version: 5.0
Patch Level: 0
Release Status: release
Description:
It is possible to get code execution via a user supplied
variable in the mathematical context.
I don't know if this is considered a bug or not, but if not, I
think people should be made aware that the mathematical context is unsafe.
Repeat-By:
If this is considered a bug I would like to get in contact with
someone in charge.
--
Nils Emmerich
ERNW Research GmbH
Carl-Bosch-Str. 4
69115 Heidelberg
www.ernw.de
Tel. +49 6221 480390 (Sekretariat)
Handelsregister Mannheim HRB 723285
Geschäftsführer: Dr.-Ing. Andreas Dewald
Blog: www.insinuator.net
Conference: www.troopers.de
