CVE-2017-6011

Опубликовано: 03 фев. 2017

Источник: redhat

CVSS3: 8.1

EPSS Низкий

Описание

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

A vulnerability was found in icoutils, in the icotool program. An attacker could create a crafted ICO or CUR file that, when read by icotool, could result in memory corruption leading to a crash or potential code execution.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1422908icoutils: Buffer overflow in the simple_vec function

EPSS

Процентиль: 57%

0.00354

Низкий

8.1 High

CVSS3

Связанные уязвимости

CVE-2017-6011

CVSS3: 5.5

ubuntu

больше 8 лет назад

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

CVE-2017-6011

CVSS3: 5.5

nvd

больше 8 лет назад

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

CVE-2017-6011

CVSS3: 5.5

debian

больше 8 лет назад

An issue was discovered in icoutils 0.31.1. An out-of-bounds read lead ...

GHSA-r578-98vq-6p5r

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

openSUSE-SU-2017:2053-1

suse-cvrf

больше 8 лет назад

Security update for icoutils

EPSS

Процентиль: 57%

0.00354

Низкий

8.1 High

CVSS3