mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
874 B
874 B
CVE-2013-7345
Description
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
POC
Reference
No PoCs from references.