Algorithmic Complexity Attack in CHICKEN Scheme: Incomplete Fix for CVE-2012-6125

Algorithmic Complexity Attack in CHICKEN Scheme: Incomplete Fix for CVE-2012-6125

CVE-2017-11343 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time.

Learn more about our Web Application Penetration Testing UK.