CVE-2013-4385 Information

Description

Buffer overflow in the \read-string!\ procedure in the \extras\ unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a \f\ value in the NUM argument.

Reference

http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html http://secunia.com/advisories/55009 http://www.securityfocus.com/bid/62690 https://security.gentoo.org/glsa/201612-54