CVE-2017-6011

CWE-125Out-of-bounds ReadCWE-122Heap-based Buffer Overflow12 documents8 sources
Severity
5.5MEDIUM
EPSS
0.4%
top 42.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Debian Debian LinuxIcoutils Project IcoutilsRedhat Enterprise Linux Desktop+5 more
Timeline
PublishedFeb 16
Latest updateMay 14

Description

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

Debianicoutils< 0.31.2-1+3

Also affects: Debian Linux 8.0, 9.0, Enterprise Linux 7.3, 7.4, 7.6, 7.5

🔴Vulnerability Details

4
GHSA
GHSA-r578-98vq-6p5r: An issue was discovered in icoutils 02022-05-14
OSV
icoutils vulnerabilities2021-01-18
OSV
CVE-2017-6011: An issue was discovered in icoutils 02017-02-16
CVEList
CVE-2017-6011: An issue was discovered in icoutils 02017-02-16

📋Vendor Advisories

4
Ubuntu
icoutils vulnerabilities2021-01-18
Ubuntu
icoutils vulnerabilities2017-03-13
Red Hat
icoutils: Buffer overflow in the simple_vec function2017-02-03
Debian
CVE-2017-6011: icoutils - An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a b...2017

💬Community

3
Bugzilla
CVE-2017-6009 CVE-2017-6010 CVE-2017-6011 icoutils: various flaws [epel-6]2017-03-09
Bugzilla
CVE-2017-6011 icoutils: Buffer overflow in the simple_vec function2017-02-16
Bugzilla
CVE-2017-6009 CVE-2017-6010 CVE-2017-6011 icoutils: various flaws [fedora-all]2017-02-16
CVE-2017-6011 (MEDIUM CVSS 5.5) | An issue was discovered in icoutils | cvebase.io