
Test ID: 1.3.6.1.4.1.25623.1.0.871790
Category: Red Hat Local Security Checks
Title: RedHat Update for icoutils RHSA-2017:0837-01
Summary: The remote host is missing an update for the 'icoutils' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'icoutils'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The icoutils are a set of programs for
extracting and converting images in Microsoft Windows icon and cursor files. These
files usually have the extension .ico or .cur, but they can also be embedded in
executables or libraries.

Security Fix(es):

* Multiple vulnerabilities were found in icoutils, in the wrestool program.
An attacker could create a crafted executable that, when read by wrestool,
could result in memory corruption leading to a crash or potential code
execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009)

* A vulnerability was found in icoutils, in the wrestool program. An
attacker could create a crafted executable that, when read by wrestool,
could result in failure to allocate memory or an over-large memcpy
operation, leading to a crash. (CVE-2017-5332)

* Multiple vulnerabilities were found in icoutils, in the icotool program.
An attacker could create a crafted ICO or CUR file that, when read by
icotool, could result in memory corruption leading to a crash or potential
code execution. (CVE-2017-6010, CVE-2017-6011)

Affected Software/OS:
icoutils on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please install the updated packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2017-5208
BugTraq ID: 95315
http://www.securityfocus.com/bid/95315
Debian Security Information: DSA-3756
http://www.debian.org/security/2017/dsa-3756
https://security.gentoo.org/glsa/201801-12
http://www.openwall.com/lists/oss-security/2017/01/08/5
RedHat Security Advisories: RHSA-2017:0837
http://rhn.redhat.com/errata/RHSA-2017-0837.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5332
BugTraq ID: 95380
http://www.securityfocus.com/bid/95380
Debian Security Information: DSA-3765
http://www.debian.org/security/2017/dsa-3765
http://www.openwall.com/lists/oss-security/2017/01/11/3
SuSE Security Announcement: openSUSE-SU-2017:0166
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html
SuSE Security Announcement: openSUSE-SU-2017:0167
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html
SuSE Security Announcement: openSUSE-SU-2017:0168
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html
http://www.ubuntu.com/usn/USN-3178-1
Common Vulnerability Exposure (CVE) ID: CVE-2017-5333
BugTraq ID: 95678
http://www.securityfocus.com/bid/95678
Common Vulnerability Exposure (CVE) ID: CVE-2017-6009
BugTraq ID: 96292
http://www.securityfocus.com/bid/96292
Debian Security Information: DSA-3807
http://www.debian.org/security/2017/dsa-3807
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854050
Common Vulnerability Exposure (CVE) ID: CVE-2017-6010
BugTraq ID: 96288
http://www.securityfocus.com/bid/96288
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854054
Common Vulnerability Exposure (CVE) ID: CVE-2017-6011
BugTraq ID: 96267
http://www.securityfocus.com/bid/96267
Copyright: Copyright (C) 2017 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.