Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2017-5333

UNKNOWN

Published 2019-11-04T20:24:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-5333. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Debian

icoutils

Affected Versions:

before 0.31.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-855f-qr67-w6rp

Advisory Details

Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-5333

WEB https://bugzilla.redhat.com/show_bug.cgi?id=1412259

WEB https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a

WEB http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html

WEB http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html

WEB http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html

WEB http://rhn.redhat.com/errata/RHSA-2017-0837.html

WEB http://www.debian.org/security/2017/dsa-3765

WEB http://www.openwall.com/lists/oss-security/2017/01/11/3

WEB http://www.securityfocus.com/bid/95678

WEB http://www.ubuntu.com/usn/USN-3178-1

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

http://rhn.redhat.com/errata/RHSA-2017-0837.html

http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html

http://www.securityfocus.com/bid/95678

http://www.openwall.com/lists/oss-security/2017/01/11/3

http://www.debian.org/security/2017/dsa-3765

http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html

http://www.ubuntu.com/usn/USN-3178-1

http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html

https://bugzilla.redhat.com/show_bug.cgi?id=1412259

https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a

Published: 2019-11-04T20:24:00

Last Modified: 2024-08-05T14:55:35.814Z

Copied to clipboard!