CVE-2013-1874

Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
call-ccchicken
𝑥
≤ 4.8.1
call-ccchicken
4.8.0
call-ccchicken
4.8.0:rc1
call-ccchicken
4.8.0:rc2
call-ccchicken
4.8.0:rc3
call-ccchicken
4.8.0:rc4
call-ccchicken
4.8.0.1
call-ccchicken
4.8.0.2
call-ccchicken
4.8.0.3
call-ccchicken
4.8.0.4
call-ccchicken
4.8.0.5
call-ccchicken
4.8.0.6
call-ccchicken
4.8.0.7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
chicken
bullseye
5.2.0-2
fixed
squeeze
no-dsa
wheezy
no-dsa
bookworm
5.3.0-1
fixed
sid
5.3.0-2
fixed
trixie
5.3.0-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chicken
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
oneiric
ignored
lucid
ignored
hardy
ignored
References
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba=blob%3Bf=NEWS%3Bh=c21c7cf9d1faf4f78736890ac7ca1d4b82d72ddd%3Bhb=c6750af99ada7fa4815ee834e4e705bcfac9c137
http://seclists.org/oss-sec/2013/q1/692
http://www.osvdb.org/91520
http://www.securityfocus.com/bid/58583
https://exchange.xforce.ibmcloud.com/vulnerabilities/85065
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba=blob%3Bf=NEWS%3Bh=c21c7cf9d1faf4f78736890ac7ca1d4b82d72ddd%3Bhb=c6750af99ada7fa4815ee834e4e705bcfac9c137
http://seclists.org/oss-sec/2013/q1/692
http://www.osvdb.org/91520
http://www.securityfocus.com/bid/58583
https://exchange.xforce.ibmcloud.com/vulnerabilities/85065