1. Home
  2. CVE Database
  3. CVE-2017-6011
MEDIUM · 5.5

CVE-2017-6011

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

Vulnerability Description

An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
Icoutils ProjectIcoutils0.31.1
DebianDebian Linux8.0
RedhatEnterprise Linux Desktop7.0
RedhatEnterprise Linux Server7.0
RedhatEnterprise Linux Server Aus7.3
RedhatEnterprise Linux Server Eus7.3
RedhatEnterprise Linux Server Tus7.3
RedhatEnterprise Linux Workstation7.0

Related Weaknesses (CWE)

CWE-125

References

FAQ

What is CVE-2017-6011?

CVE-2017-6011 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.

How severe is CVE-2017-6011?

CVE-2017-6011 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-6011?

Check the references section above for vendor advisories and patch information. Affected products include: Icoutils Project Icoutils, Debian Debian Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus.