Test ID: 1.3.6.1.4.1.25623.1.0.871790
Category: Red Hat Local Security Checks
Title: RedHat Update for icoutils RHSA-2017:0837-01
Summary: The remote host is missing an update for the 'icoutils' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'icoutils'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The icoutils are a set of programs for
extracting and converting images in Microsoft Windows icon and cursor files. These
files usually have the extension .ico or .cur, but they can also be embedded in
executables or libraries.

Security Fix(es):

* Multiple vulnerabilities were found in icoutils, in the wrestool program.
An attacker could create a crafted executable that, when read by wrestool,
could result in memory corruption leading to a crash or potential code
execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009)

* A vulnerability was found in icoutils, in the wrestool program. An
attacker could create a crafted executable that, when read by wrestool,
could result in failure to allocate memory or an over-large memcpy
operation, leading to a crash. (CVE-2017-5332)

* Multiple vulnerabilities were found in icoutils, in the icotool program.
An attacker could create a crafted ICO or CUR file that, when read by
icotool, could result in memory corruption leading to a crash or potential
code execution. (CVE-2017-6010, CVE-2017-6011)

Affected Software/OS:
icoutils on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please install the updated packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2017-5208
BugTraq ID: 95315
http://www.securityfocus.com/bid/95315
Debian Security Information: DSA-3756
http://www.debian.org/security/2017/dsa-3756
https://security.gentoo.org/glsa/201801-12
http://www.openwall.com/lists/oss-security/2017/01/08/5
RedHat Security Advisories: RHSA-2017:0837
http://rhn.redhat.com/errata/RHSA-2017-0837.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5332
BugTraq ID: 95380
http://www.securityfocus.com/bid/95380
Debian Security Information: DSA-3765
http://www.debian.org/security/2017/dsa-3765
http://www.openwall.com/lists/oss-security/2017/01/11/3
SuSE Security Announcement: openSUSE-SU-2017:0166
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html
SuSE Security Announcement: openSUSE-SU-2017:0167
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html
SuSE Security Announcement: openSUSE-SU-2017:0168
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html
http://www.ubuntu.com/usn/USN-3178-1
Common Vulnerability Exposure (CVE) ID: CVE-2017-5333
BugTraq ID: 95678
http://www.securityfocus.com/bid/95678
Common Vulnerability Exposure (CVE) ID: CVE-2017-6009
BugTraq ID: 96292
http://www.securityfocus.com/bid/96292
Debian Security Information: DSA-3807
http://www.debian.org/security/2017/dsa-3807
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854050
Common Vulnerability Exposure (CVE) ID: CVE-2017-6010
BugTraq ID: 96288
http://www.securityfocus.com/bid/96288
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854054
Common Vulnerability Exposure (CVE) ID: CVE-2017-6011
BugTraq ID: 96267
http://www.securityfocus.com/bid/96267
Copyright: Copyright (C) 2017 Greenbone Networks GmbH