CVE-2013-4385
CHICKEN < 4.8.0.4 - Buffer Overflow in read-string! Procedure
Title source: llmDescription
Buffer overflow in the "read-string!" procedure in the "extras" unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/62690
Various Sources mailing-list
x_refsource_mlist
http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html
Patch mailing-list
x_refsource_mlist
http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html
Patch mailing-list
x_refsource_mlist
http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201612-54
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55009
Scores
EPSS
0.0339
EPSS Percentile
87.4%
Details
CWE
CWE-119
Status
published
Products (41)
call-cc/chicken
3.0.0
call-cc/chicken
3.1.0
call-cc/chicken
3.2.0
call-cc/chicken
3.3.0
call-cc/chicken
3.4.0
call-cc/chicken
4.0.0
call-cc/chicken
4.1.0
call-cc/chicken
4.2.0
call-cc/chicken
4.3.0
call-cc/chicken
4.4.0
... and 31 more
Published
Oct 09, 2013
Tracked Since
Feb 18, 2026