Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-789-1 icoutils security update
Debian DSA Debian DSA DSA-3765-1 icoutils security update
EUVD EUVD EUVD-2017-14438 Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Ubuntu USN Ubuntu USN USN-3178-1 icoutils vulnerabilities
Ubuntu USN Ubuntu USN USN-4695-1 icoutils vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: debian

Published:

Updated: 2024-08-05T14:55:35.814Z

Reserved: 2017-01-10T00:00:00

Link: CVE-2017-5333

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-04T21:15:11.823

Modified: 2024-11-21T03:27:24.510

Link: CVE-2017-5333

cve-icon Redhat

Severity : Important

Publid Date: 2017-01-08T00:00:00Z

Links: CVE-2017-5333 - Bugzilla

cve-icon OpenCVE Enrichment

No data.