0.004 Low
EPSS
Percentile
74.2%
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.
lists.gnu.org/archive/html/bug-gnu-chess/2015-10/msg00002.html
svn.savannah.gnu.org/viewvc?view=rev&root=chess&revision=134
launchpad.net/bugs/cve/CVE-2015-8972
nvd.nist.gov/vuln/detail/CVE-2015-8972
security-tracker.debian.org/tracker/CVE-2015-8972
www.cve.org/CVERecord?id=CVE-2015-8972