What is the severity of CVE-2017-5208?

CVE-2017-5208 is classified as a medium severity integer overflow vulnerability.

How do I fix CVE-2017-5208?

To fix CVE-2017-5208, upgrade icoutils to version 0.31.1 or 0.32.3-3 or 0.32.3-4.

What impact can CVE-2017-5208 have on my system?

CVE-2017-5208 can cause crashes or allow potential code execution if exploited.

Which software versions are affected by CVE-2017-5208?

Affected software versions include icoutils prior to 0.31.1 and specific versions of Debian and Red Hat systems.

Where can I find more information about CVE-2017-5208?

Further details about CVE-2017-5208 can typically be found in public vulnerability databases.

Vulnerability/
CVE-2017-5208

high

8.8

CWE

190

3/1/2017

22/8/2017

5/8/2024

CVE-2017-5208: Integer Overflow

First published: Tue Jan 03 2017(Updated: )

An integer overflow vulnerability was found in icoutils in the wrestool program. A maliciously crafted file could make the application crash or possibly allow code execution. References: <a href="http://seclists.org/oss-sec/2017/q1/38">http://seclists.org/oss-sec/2017/q1/38</a> <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017</a> Upstream patches: <a href="http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=0d569f458f306b88f60156d60c9cf058125cf173">http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=0d569f458f306b88f60156d60c9cf058125cf173</a> <a href="http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=4fbe9222fd79ee31b7ec031b0be070a9a400d1d3">http://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=4fbe9222fd79ee31b7ec031b0be070a9a400d1d3</a>

Credit: security@debian.org

Affected Software	Affected Version	How to fix
redhat/icoutils	<0.31.1	0.31.1
debian/icoutils		0.32.3-3 0.32.3-4
icoutils	<0.31.1
Debian GNU/Linux	=8.0
redhat enterprise Linux desktop	=7.0
redhat enterprise Linux server	=7.0
redhat enterprise Linux server aus	=7.3
redhat enterprise Linux server aus	=7.4
redhat enterprise Linux server aus	=7.6
redhat enterprise Linux server eus	=7.3
redhat enterprise Linux server eus	=7.4
redhat enterprise Linux server eus	=7.5
redhat enterprise Linux server eus	=7.6
redhat enterprise Linux server tus	=7.3
redhat enterprise Linux server tus	=7.6
redhat enterprise Linux workstation	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5208?
CVE-2017-5208 is classified as a medium severity integer overflow vulnerability.
How do I fix CVE-2017-5208?
To fix CVE-2017-5208, upgrade icoutils to version 0.31.1 or 0.32.3-3 or 0.32.3-4.
What impact can CVE-2017-5208 have on my system?
CVE-2017-5208 can cause crashes or allow potential code execution if exploited.
Which software versions are affected by CVE-2017-5208?
Affected software versions include icoutils prior to 0.31.1 and specific versions of Debian and Red Hat systems.
Where can I find more information about CVE-2017-5208?
Further details about CVE-2017-5208 can typically be found in public vulnerability databases.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2017-5208
agent/software-canonical-lookup
collector/debian-bugs
source/Debian
collector/security-tracker-debian
agent/weakness
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
package-manager/debian
vendor/icoutils project
canonical/icoutils
vendor/debian
canonical/debian gnu/linux
version/debian gnu/linux/8.0
vendor/redhat
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux server
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/7.3
version/redhat enterprise linux server aus/7.4
version/redhat enterprise linux server aus/7.6
canonical/redhat enterprise linux server eus
version/redhat enterprise linux server eus/7.3
version/redhat enterprise linux server eus/7.4
version/redhat enterprise linux server eus/7.5
version/redhat enterprise linux server eus/7.6
canonical/redhat enterprise linux server tus
version/redhat enterprise linux server tus/7.3
version/redhat enterprise linux server tus/7.6
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/7.0

CVE-2017-5208: Integer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5208?

How do I fix CVE-2017-5208?

What impact can CVE-2017-5208 have on my system?

Which software versions are affected by CVE-2017-5208?

Where can I find more information about CVE-2017-5208?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-5208?

How do I fix CVE-2017-5208?

What impact can CVE-2017-5208 have on my system?

Which software versions are affected by CVE-2017-5208?

Where can I find more information about CVE-2017-5208?