CVE-2017-11343CVE-2017-11343

Affected configuration(s):

cpe:/a:call-cc:chicken:4.12.0

Date published: 2017-07-17T09:18:20.890-04:00

Date last modified: 2017-07-26T16:04:49.597-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html

Summary: Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.