CVE-2013-1874

Published Sep 29, 2014

Last updated 3 months ago

CVSS info 4.4

Overview

Description: Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: <a href = http://cwe.mitre.org/data/definitions/426.html> CWE-426: Untrusted Search Path </a>
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAD2B083-C519-4FA4-8208-EC42993B5A2E",
            "versionEndIncluding": "4.8.1"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "240B3138-ADCF-44C1-95B8-ED6E08155DEE"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9262F16B-13E3-4EFD-B543-52AD1800D8FF"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A378A459-4D15-485E-BF89-8C583CE917AF"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "617A1685-FADE-41AD-8413-EFCC8C5F589E"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B473E43F-B19F-4FC2-A8D6-9CA0FEBB5BA2"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D99ED5A6-BF7C-401A-AF52-3AE003A0A248"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "383D5550-78AA-4748-88E6-FEA211B21029"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2769DED2-4D10-409C-9552-756BC64EA631"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB18E691-ACA3-493F-AF3A-A1B14CE700C6"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C91E7D8F-BC2F-4601-B6F0-012A1C911F1E"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B12FDD19-0C1B-4C65-A3AF-C812969913F2"
          },
          {
            "criteria": "cpe:2.3:a:call-cc:chicken:4.8.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E44A5135-7525-4209-8AF0-2F37581A46D6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References