CVE-2007-2026
published 2007-04-13CVE-2007-2026: The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a…
high7.8CVSS 3.1
AVNACLAuNCNINAC
The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | file | < file 4.20-6 (bookworm) | file 4.20-6 (bookworm) |
| file_project | file | >= 0 < 4.20-6 | 4.20-6 |
| file_project | file | >= 0 < 4.20-6 | 4.20-6 |
| file_project | file | >= 0 < 4.20-6 | 4.20-6 |
| file_project | file | >= 0 < 4.20-6 | 4.20-6 |
| gentoo | file | — | — |
CVSS provenance
nvd7.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH