CVE-2017-11343

Published: Jul 17, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.

Affected (1)

Products: Call Cc: Chicken

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Call Cc Chicken	Up to 4.12.0

Related CWEs

Inefficient Algorithmic Complexity

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

References (2)

http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html

Source: cve@mitre.org

Vendor Advisory

http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.