Vulnerability Description
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Call-Cc | Chicken | < 4.8.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2013/02/08/2Mailing ListPatchThird Party Advisory
- https://access.redhat.com/security/cve/cve-2012-6124Broken Link
- https://lists.nongnu.org/archive/html/chicken-hackers/2012-02/msg00084.htmlMailing ListPatchThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-6124Third Party Advisory
- http://www.openwall.com/lists/oss-security/2013/02/08/2Mailing ListPatchThird Party Advisory
- https://access.redhat.com/security/cve/cve-2012-6124Broken Link
- https://lists.nongnu.org/archive/html/chicken-hackers/2012-02/msg00084.htmlMailing ListPatchThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-6124Third Party Advisory
FAQ
What is CVE-2012-6124?
CVE-2012-6124 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and ...
How severe is CVE-2012-6124?
CVE-2012-6124 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6124?
Check the references section above for vendor advisories and patch information. Affected products include: Call-Cc Chicken.