CVE Vulnerabilities

CVE-2014-3538

Published: Jul 03, 2014 | Modified: Jan 19, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.

Affected Software

Name Vendor Start Version End Version
File Christos_zoulas * 5.18 (including)
File Christos_zoulas 5.00 (including) 5.00 (including)
File Christos_zoulas 5.01 (including) 5.01 (including)
File Christos_zoulas 5.02 (including) 5.02 (including)
File Christos_zoulas 5.03 (including) 5.03 (including)
File Christos_zoulas 5.04 (including) 5.04 (including)
File Christos_zoulas 5.05 (including) 5.05 (including)
File Christos_zoulas 5.06 (including) 5.06 (including)
File Christos_zoulas 5.07 (including) 5.07 (including)
File Christos_zoulas 5.08 (including) 5.08 (including)
File Christos_zoulas 5.09 (including) 5.09 (including)
File Christos_zoulas 5.10 (including) 5.10 (including)
File Christos_zoulas 5.11 (including) 5.11 (including)
File Christos_zoulas 5.12 (including) 5.12 (including)
File Christos_zoulas 5.13 (including) 5.13 (including)
File Christos_zoulas 5.14 (including) 5.14 (including)
File Christos_zoulas 5.15 (including) 5.15 (including)
File Christos_zoulas 5.16 (including) 5.16 (including)
File Christos_zoulas 5.17 (including) 5.17 (including)

References