Vulnerabilities (CVE)

Filtered by vendor Icoutils Project Subscribe

Filtered by product Icoutils

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-6009	3 Debian, Icoutils Project, Redhat	8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more	2019-03-12	4.3 MEDIUM	5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool.
CVE-2017-6010	3 Debian, Icoutils Project, Redhat	8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more	2019-03-12	4.3 MEDIUM	5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extract_icons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash.
CVE-2017-6011	3 Debian, Icoutils Project, Redhat	8 Debian Linux, Icoutils, Enterprise Linux Desktop and 5 more	2019-03-12	4.3 MEDIUM	5.5 MEDIUM
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.