CVE-2013-7345 in Mac OS X
摘要 (英语)
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
预定
2014-03-23
披露
2014-03-24
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 67620 | Apple Mac OS X apache_mod_php commands 权限提升 | 264 | 未定义 | 官方修复 | CVE-2013-7345 |
| 13007 | PHP fileinfo commands 权限提升 | 264 | 未定义 | 官方修复 | CVE-2013-7345 |