Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.
https://exchange.xforce.ibmcloud.com/vulnerabilities/85065
http://www.securityfocus.com/bid/58583