CVE Vulnerabilities

CVE-2014-3538

Published: Jul 03, 2014 | Modified: Jan 19, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.

Affected Software

Name Vendor Start Version End Version
File Christos_zoulas 5.00 5.00
File Christos_zoulas 5.04 5.04
File Christos_zoulas 5.10 5.10
File Christos_zoulas 5.07 5.07
File Christos_zoulas 5.02 5.02
File Christos_zoulas 5.03 5.03
File Christos_zoulas 5.11 5.11
File Christos_zoulas 5.16 5.16
File Christos_zoulas 5.12 5.12
File Christos_zoulas 5.17 5.17
File Christos_zoulas 5.05 5.05
File Christos_zoulas 5.13 5.13
File Christos_zoulas * 5.18
File Christos_zoulas 5.14 5.14
File Christos_zoulas 5.01 5.01
File Christos_zoulas 5.08 5.08
File Christos_zoulas 5.06 5.06
File Christos_zoulas 5.15 5.15
File Christos_zoulas 5.09 5.09

References