CVE-2017-6011: An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c"…

medium5.5CVSS 3.0

AVLACLPRNUIRSUCNINAH

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

Affected

21 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	icoutils	< icoutils 0.31.2-1 (bookworm)	icoutils 0.31.2-1 (bookworm)
icoutils_project	icoutils	—	—
icoutils_project	icoutils	>= 0 < 0.31.2-1	0.31.2-1
icoutils_project	icoutils	>= 0 < 0.31.2-1	0.31.2-1
icoutils_project	icoutils	>= 0 < 0.31.2-1	0.31.2-1
icoutils_project	icoutils	>= 0 < 0.31.2-1	0.31.2-1
icoutils_project	icoutils	>= 0 < 0.31.0-3ubuntu0.1	0.31.0-3ubuntu0.1
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv8.8HIGH