CVE-2013-7345

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2013-7345

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2013-7345.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2013-7345

Downstream

DEBIAN-CVE-2013-7345

DSA-2873-1

DSA-3064-1

RHSA-2014:1013

RHSA-2014:1765

UBUNTU-CVE-2013-7345

USN-2278-1

openSUSE-SU-2024:10290-1

openSUSE-SU-2024:10344-1

openSUSE-SU-2024:11169-1

Related

Withdrawn

2026-01-27T04:13:15.349261Z

Published

2014-03-24T16:31:08Z

Modified

2026-01-27T04:13:15.349261Z

Summary

[none]

Details

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.

References

Affected packages