CVE-2014-7187— GNU Bash 缓冲区溢出漏洞

EPSS 89.86% · P100 更新日 2026-02-21

新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2014-7187の基本情報

脆弱性情報

脆弱性についてご質問がありますか？Shenlongの分析が参考になるかご確認ください！

Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル

N/A

ソース: NVD (National Vulnerability Database)

脆弱性説明

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

ソース: NVD (National Vulnerability Database)

CVSS情報

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイプ

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイトル

GNU Bash 缓冲区溢出漏洞

ソース: CNNVD (China National Vulnerability Database)

脆弱性説明

GNU Bash是美国软件开发者布莱恩-福克斯（Brian J. Fox）为GNU计划而编写的一个Shell（命令语言解释器），它运行于类Unix操作系统中（Linux系统的默认Shell），并能够从标准输入设备或文件中读取、执行命令，同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3 bash43-026及之前版本的parse.y文件中的‘read_token_word’函数中存在差一错误漏洞。远程攻击者可通过多层的嵌套循环利用该漏洞造成拒绝服务（越边界数组访问和应用程序崩溃）。

ソース: CNNVD (China National Vulnerability Database)

CVSS情報

N/A

ソース: CNNVD (China National Vulnerability Database)

脆弱性タイプ

N/A

ソース: CNNVD (China National Vulnerability Database)

Shenlong 10 Questions — AI 深度分析

十问解析：根本原因、利用方式、修复建议、紧迫性。摘要免费，完整版需登录。

查看摘要完整分析（登录）

影響を受ける製品

ベンダー	プロダクト	影響を受けるバージョン	CPE	購読
-	n/a	n/a	-

II. CVE-2014-7187の公開POC

#	POC説明	ソースリンク	Shenlongリンク

AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2014-7187のインテリジェンス情報

お願いしますログインより多くのインテリジェンス情報を見る

https://support.apple.com/HT205267x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2014-0010.htmlx_refsource_CONFIRM
http://www.qnap.com/i/en/support/con_show.php?cid=61x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685604x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686479x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686445x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686246x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686084x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685914x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21687079x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915x_refsource_CONFIRM
http://support.apple.com/HT204244x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7015721x_refsource_CONFIRM
http://support.novell.com/security/cve/CVE-2014-7187.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlx_refsource_CONFIRM
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648x_refsource_CONFIRM
https://kb.bluecoat.com/index?page=content&id=SA82x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10085x_refsource_CONFIRM
https://support.citrix.com/article/CTX200217x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272x_refsource_CONFIRM
Multiple GNU Bash vulnerabilitiesx_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686494x_refsource_CONFIRM
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlx_refsource_MISC
Security Bulletin: Vulnerabilities in Bash affect IBM SDN VE (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686447x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685733x_refsource_CONFIRM
https://www.suse.com/support/shellshock/x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686131x_refsource_CONFIRM
https://support.citrix.com/article/CTX200223x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879x_refsource_CONFIRM
http://secunia.com/advisories/61291third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61703third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61552third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61857third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/58200third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61312third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/59907third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61283third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61313third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61188third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61855third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60034third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61550third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60044third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60024third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60055third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/62343third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61485third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61618third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61641third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61654third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61129third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60193third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61636third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61643third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61622third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61287third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60433third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61633third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61816third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61479third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61065third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61873third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61503third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61328third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61442third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/62312third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61565third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61603third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142721162228379&w=2vendor-advisoryx_refsource_HP
http://www.ubuntu.com/usn/USN-2364-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=142289270617409&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383026420882&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141585637922673&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141694386919794&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=142358026505815&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=142358078406056&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141577241923505&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383081521087&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383196021590&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141879528318582&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141345648114150&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141450491804793&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383304022067&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141576728022234&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383244821813&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141383138121313&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141330468527613&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141577137423233&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=141577297623641&w=2vendor-advisoryx_refsource_HP
http://jvn.jp/en/jp/JVN55667175/index.htmlthird-party-advisoryx_refsource_JVN
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164vendor-advisoryx_refsource_MANDRIVA
http://rhn.redhat.com/errata/RHSA-2014-1354.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2014-1312.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2014-1311.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.htmlvendor-advisoryx_refsource_SUSE
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126third-party-advisoryx_refsource_JVNDB
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlvendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlvendor-advisoryx_refsource_APPLE
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.htmlvendor-advisoryx_refsource_SUSE
http://openwall.com/lists/oss-security/2014/09/25/32mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2014/09/26/2mailing-listx_refsource_MLIST
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashvendor-advisoryx_refsource_CISCO
http://openwall.com/lists/oss-security/2014/09/28/10mailing-listx_refsource_MLIST
http://www.securityfocus.com/archive/1/533593/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2014-7187

Same Patch Batch · n/a · 2014-09-28 · 42 CVEs total

CVE-2014-6762		Android bongomovie应用程序加密问题漏洞
CVE-2014-6752		Android Mindless Behavior Fan Base应用程序加密问题漏洞
CVE-2014-6753		Android sunnat e rasool应用程序加密问题漏洞
CVE-2014-6754		Android Vector Outage Manager应用程序加密问题漏洞
CVE-2014-6755		Android SDN Forum应用程序加密问题漏洞
CVE-2014-6756		Android Reddit Aww应用程序加密问题漏洞
CVE-2014-6757		Android Koran - AlqoranVideos应用程序加密问题漏洞
CVE-2014-6758		Android Qin Story应用程序加密问题漏洞
CVE-2014-6759		Android Downton Abbey Fan Portal应用程序加密问题漏洞
CVE-2014-6760		Android Harem Thief Dating应用程序加密问题漏洞
CVE-2014-6761		Android Aprende a Meditar应用程序加密问题漏洞
CVE-2014-6751		Android Grasshopper Beta应用程序加密问题漏洞
CVE-2014-6763		Android Codename Birdgame应用程序加密问题漏洞
CVE-2014-6764		Android Assyrian应用程序加密问题漏洞
CVE-2014-6765		Android No Fuss Home Loans应用程序加密问题漏洞
CVE-2014-6766		Android Afro-Beat应用程序加密问题漏洞
CVE-2014-6767		Android Juggle! FREE应用程序加密问题漏洞
CVE-2014-6768		Android Anywhere Anytime Yoga Workout应用程序加密问题漏洞
CVE-2014-6769		Android Meteo Belgique应用程序加密问题漏洞
CVE-2014-6770		Android Aerospace Jobs应用程序加密问题漏洞

Showing 20 of 42 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: n/a

同じベンダー: n/a

V. CVE-2014-7187へのコメント

まだコメントはありません

目標達成すべての支援者に感謝 — 100%達成しました！

CVE-2014-7187— GNU Bash 缓冲区溢出漏洞

I. CVE-2014-7187の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

Shenlong 10 Questions — AI 深度分析

影響を受ける製品

II. CVE-2014-7187の公開POC

III. CVE-2014-7187のインテリジェンス情報

Same Patch Batch · n/a · 2014-09-28 · 42 CVEs total

IV. 関連脆弱性

V. CVE-2014-7187へのコメント

コメントを残す

目標達成 すべての支援者に感謝 — 100%達成しました！

CVE-2014-7187— GNU Bash 缓冲区溢出漏洞

I. CVE-2014-7187の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

Shenlong 10 Questions — AI 深度分析

影響を受ける製品

II. CVE-2014-7187の公開POC

III. CVE-2014-7187のインテリジェンス情報

Same Patch Batch · n/a · 2014-09-28 · 42 CVEs total

IV. 関連脆弱性

V. CVE-2014-7187へのコメント

コメントを残す

目標達成すべての支援者に感謝 — 100%達成しました！