CVE-2013-4385

CHICKEN < 4.8.0.4 - Buffer Overflow in read-string! Procedure

Title source: llm
STIX 2.1

Description

Buffer overflow in the "read-string!" procedure in the "extras" unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/62690
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201612-54
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/55009

Scores

EPSS 0.0339
EPSS Percentile 87.4%

Details

CWE
CWE-119
Status published
Products (41)
call-cc/chicken 3.0.0
call-cc/chicken 3.1.0
call-cc/chicken 3.2.0
call-cc/chicken 3.3.0
call-cc/chicken 3.4.0
call-cc/chicken 4.0.0
call-cc/chicken 4.1.0
call-cc/chicken 4.2.0
call-cc/chicken 4.3.0
call-cc/chicken 4.4.0
... and 31 more
Published Oct 09, 2013
Tracked Since Feb 18, 2026