Vulnerabilities (CVE)

Filtered by vendor Icoutils Project Subscribe
Filtered by product Icoutils
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-6011 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
CVE-2017-6010 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.
CVE-2017-6009 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool.
CVE-2017-5333 5 Canonical, Debian, Icoutils Project and 2 more 11 Ubuntu Linux, Debian Linux, Icoutils and 8 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
CVE-2017-5332 5 Canonical, Debian, Icoutils Project and 2 more 11 Ubuntu Linux, Debian Linux, Icoutils and 8 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
CVE-2017-5331 4 Canonical, Debian, Icoutils Project and 1 more 5 Ubuntu Linux, Debian Linux, Icoutils and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
CVE-2017-5208 3 Debian, Icoutils Project, Redhat 8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.