MiracleLinux 7 : icoutils-0.31.3-1.el7 (AXSA:2017-1531:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1531:01 advisory. The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the...

EUVD-2017-15079

Malware in sbrugna...

EUVD-2017-15077

Malware in sbrugna...

EUVD-2017-14438

Malware in sbrugna...

EUVD-2017-15078

Malware in sbrugna...

EUVD-2017-14314

Malware in sbrugna...

RHSA-2017:0837 Red Hat Security Advisory: icoutils security update

Bulletin has no description...

OPENSUSE-SU-2024:10858-1 icoutils-0.32.3-1.7 on GA media

These are all security issues fixed in the icoutils-0.32.3-1.7 package on the GA media of openSUSE Tumbleweed...

Debian: Security Advisory (DLA-789-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2017-5208

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service memory corruption via a crafted executable, which triggers a denial of service application crash or the possibility of execution of arbitrary code...

SUSE CVE-2017-5331

Integer overflow in the checkoffset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

SUSE CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

SUSE CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

SUSE CVE-2017-6009

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decodeneresourceid" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a fail...

SUSE CVE-2017-6010

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "extracticons" function in the "extract.c" source file. This issue can be triggered by processing a corrupted ico file and will result in an icotool crash...

SUSE CVE-2017-6011

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simplevec" function in the "extract.c" source file. This affects icotool...

new packages: icoutils

An update is available for icoutils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

Mageia: Security Advisory (MGASA-2017-0044)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0080)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4695-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...