Published: 29/03/2017 Updated: 01/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The string-translate* procedure in the data-structures unit in CHICKEN prior to 4.10.0 allows remote malicious users to cause a denial of service (crash).

Vulnerable Product	Search on Vulmon	Subscribe to Product
call-cc chicken

Debian Bug report logs - #775346 chicken: CVE-2014-9651: buffer overrun in CHICKEN Scheme's substring-index Package: chicken; Maintainer for chicken is Davide Puricelli (evo) <evo@debianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 14 Jan 2015 14:21:02 UTC Severity: grave Tags: fixed-upstream, pa ...

Debian Bug report logs - #788833 chicken: CVE-2015-4556: buffer overrun in CHICKEN Scheme's string-translate* procedure Package: src:chicken; Maintainer for src:chicken is Davide Puricelli (evo) <evo@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 15 Jun 2015 12:57:02 UTC Severity: grave ...

CWE-20 https://bugzilla.redhat.com/show_bug.cgi?id=1231871 http://seclists.org/oss-sec/2015/q2/712 http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html http://www.securityfocus.com/bid/97293 https://security.gentoo.org/glsa/201612-54 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775346

CVE-2015-4556

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect