CVE-2013-1874
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/09/2014
Last modified:
12/04/2025
Description
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.
Impact
Base Score 2.0
4.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:call-cc:chicken:*:*:*:*:*:*:*:* | 4.8.1 (including) | |
| cpe:2.3:a:call-cc:chicken:4.8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:call-cc:chicken:4.8.0.7:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba%3Dblob%3Bf%3DNEWS%3Bh%3Dc21c7cf9d1faf4f78736890ac7ca1d4b82d72ddd%3Bhb%3Dc6750af99ada7fa4815ee834e4e705bcfac9c137
- http://seclists.org/oss-sec/2013/q1/692
- http://www.osvdb.org/91520
- http://www.securityfocus.com/bid/58583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85065
- http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba%3Dblob%3Bf%3DNEWS%3Bh%3Dc21c7cf9d1faf4f78736890ac7ca1d4b82d72ddd%3Bhb%3Dc6750af99ada7fa4815ee834e4e705bcfac9c137
- http://seclists.org/oss-sec/2013/q1/692
- http://www.osvdb.org/91520
- http://www.securityfocus.com/bid/58583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85065