CVE-2014-6310

CRITICAL

CHICKEN <4.9.0.1 - RCE

Title source: llm
STIX 2.1

Description

Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2014-6310
Mailing List, Patch, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2014/09/11/6
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/69727
Mailing List, Third Party Advisory x_refsource_confirm
https://lists.nongnu.org/archive/html/chicken-users/2014-08/msg00055.html

Scores

CVSS v3 9.8
EPSS 0.1693
EPSS Percentile 95.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (5)
call-cc/chicken 4.9.0
call-cc/chicken 4.9.0.1
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
Published Nov 22, 2019
Tracked Since Feb 18, 2026