Showing 1 - 3 of 3

CVE-2017-6011

Status Candidate

Overview

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

Related Files

Gentoo Linux Security Advisory 201801-12: Posted Jan 12, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201801-12 - Multiple vulnerabilities have been found in icoutils, the worst of which may lead to arbitrary code execution. Versions less than 0.32.0 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2017-5208, CVE-2017-6009, CVE-2017-6010, CVE-2017-6011; MD5 | f3c23ee43d1d41e4d15e36e9572834b8; Download | Favorite | Comments (0)

Red Hat Security Advisory 2017-0837-01: Posted Mar 23, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-0837-01 - The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries. Security Fix: Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution.; tags | advisory, vulnerability, code execution; systems | linux, redhat, windows; advisories | CVE-2017-5208, CVE-2017-5332, CVE-2017-5333, CVE-2017-6009, CVE-2017-6010, CVE-2017-6011; MD5 | 9ae26a5f0de12baafe740afbafa04442; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-3226-1: Posted Mar 13, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3226-1 - Jerzy Kramarz discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2017-6009, CVE-2017-6010, CVE-2017-6011; MD5 | ad000a09a296937400cc5e628cd70a08; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Red Hat 68 files
Ubuntu 43 files
Debian 28 files
Google Security Research 27 files
Gentoo 23 files
Todor Donev 15 files
Sureshbabu Narvaneni 11 files
mjurczyk 9 files
Apple 7 files
lokihardt 6 files

File Archives

Systems

AIX (409)
Apple (1,539)
BSD (333)
Cisco (1,807)
Debian (5,485)
Fedora (1,679)
FreeBSD (1,193)
Gentoo (3,561)
HPUX (865)
iOS (171)
iPhone (103)
IRIX (219)
Juniper (66)
Linux (33,219)
Mac OS X (652)
Mandriva (3,105)
NetBSD (254)
OpenBSD (455)
RedHat (6,401)
Slackware (814)
Solaris (1,569)
SUSE (1,444)
Ubuntu (5,589)
UNIX (8,259)
UnixWare (172)
Windows (5,320)
Other