NULL Pointer Dereference Vulnerability in zsh's cd Command

NULL Pointer Dereference Vulnerability in zsh's cd Command

CVE-2017-18205 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.

Learn more about our Web Application Penetration Testing UK.