
CVE-2017-6949

Published: 16/03/2017 Updated: 05/04/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

An issue exists in CHICKEN Scheme up to and including 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc(). With an unexpected size, the impact may have been a segfault or buffer overflow.

Vulnerable Product

call-cc chicken 4.12.0

Vendor Advisories

Debian Bug report logs - #870266 chicken: CVE-2017-11343 Package: src:chicken; Maintainer for src:chicken is Davide Puricelli (evo) <evo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 31 Jul 2017 12:33:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in ...
Debian Bug report logs - #851278 CVE-2016-9954 Package: src:chicken; Maintainer for src:chicken is Davide Puricelli (evo) <evo@debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Fri, 13 Jan 2017 16:27:04 UTC Severity: important Tags: security Found in versions chicken/4901-1, chicken/4110-1 Fix ...
Debian Bug report logs - #863884 CVE-2017-9334 Package: chicken; Maintainer for chicken is Davide Puricelli (evo) <evo@debian.org>; Reported by: Guido Günther <agx@sigxcpu.org> Date: Thu, 1 Jun 2017 15:03:02 UTC Severity: grave Tags: fixed-upstream, security, upstream Found in versions 4110-1, 4901-1 Fixed in ...
Debian Bug report logs - #834845 chicken: CVE-2016-6830 CVE-2016-6831 Package: src:chicken; Maintainer for src:chicken is Davide Puricelli (evo) <evo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 19 Aug 2016 19:42:02 UTC Severity: grave Tags: jessie-ignore, patch, security, stretch-ign ...
Debian Bug report logs - #858057 chicken: CVE-2017-6949 Package: src:chicken; Maintainer for src:chicken is Davide Puricelli (evo) <evo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 17 Mar 2017 20:21:02 UTC Severity: important Tags: patch, security, upstream Found in version chicken/4 ...