Unrated severityNVD Advisory· Published Mar 24, 2014· Updated Jun 17, 2026
CVE-2013-7345
CVE-2013-7345
Description
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*range: <5.15
- (no CPE)range: <5.15
- osv-coords3 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 2 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
- (no CPE)range: < 8.0.11-1.1
Patches
Vulnerability mechanics
References
6- bugs.gw.com/view.phpnvdBroken LinkExploitIssue TrackingPatchThird Party Advisory
- github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467cnvdExploitPatchThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1765.htmlnvdThird Party Advisory
- support.apple.com/kb/HT6443nvdThird Party Advisory
- www.debian.org/security/2014/dsa-2873nvdThird Party Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.