First published: Fri Feb 03 2017(Updated: )
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/0.31.1 | ||
debian/icoutils | <=0.31.1-1 | 0.31.2-1 |
debian/icoutils | 0.32.3-3 0.32.3-4 | |
icoutils | =0.31.1 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
redhat enterprise Linux desktop | =7.0 | |
redhat enterprise Linux server | =7.0 | |
redhat enterprise Linux server aus | =7.3 | |
redhat enterprise Linux server aus | =7.4 | |
redhat enterprise Linux server aus | =7.6 | |
redhat enterprise Linux server eus | =7.3 | |
redhat enterprise Linux server eus | =7.4 | |
redhat enterprise Linux server eus | =7.5 | |
redhat enterprise Linux server eus | =7.6 | |
redhat enterprise Linux server tus | =7.3 | |
redhat enterprise Linux server tus | =7.6 | |
redhat enterprise Linux workstation | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.