Description
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
Remediation
References
Related Vulnerabilities
WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2)
PHP Other Vulnerability (CVE-2007-1521)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (2.4.2)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3738)
Oracle Database Server CVE-2006-5342 Vulnerability (CVE-2006-5342)