Vulnerabilites related to Debian - icoutils
cve-2017-5331
Vulnerability from cvelistv5
Published
2019-11-04 20:24
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
References
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html | vendor-advisory, x_refsource_SUSE | |
http://www.openwall.com/lists/oss-security/2017/01/11/3 | mailing-list, x_refsource_MLIST | |
http://www.debian.org/security/2017/dsa-3765 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/95378 | vdb-entry, x_refsource_BID | |
http://www.ubuntu.com/usn/USN-3178-1 | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://bugzilla.redhat.com/show_bug.cgi?id=1412248 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.800Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "95378", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95378", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412248", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "icoutils", vendor: "Debian", versions: [ { status: "affected", version: "before 0.31.1", }, ], }, ], datePublic: "2017-01-10T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-04T20:24:09", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "95378", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95378", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412248", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2017-5331", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "icoutils", version: { version_data: [ { version_value: "before 0.31.1", }, ], }, }, ], }, vendor_name: "Debian", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2017:0167", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "95378", refsource: "BID", url: "http://www.securityfocus.com/bid/95378", }, { name: "USN-3178-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1412248", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412248", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2017-5331", datePublished: "2019-11-04T20:24:09", dateReserved: "2017-01-10T00:00:00", dateUpdated: "2024-08-05T14:55:35.800Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5333
Vulnerability from cvelistv5
Published
2019-11-04 20:24
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2017-0837.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/95678 | vdb-entry, x_refsource_BID | |
http://www.openwall.com/lists/oss-security/2017/01/11/3 | mailing-list, x_refsource_MLIST | |
http://www.debian.org/security/2017/dsa-3765 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://www.ubuntu.com/usn/USN-3178-1 | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://bugzilla.redhat.com/show_bug.cgi?id=1412259 | x_refsource_CONFIRM | |
https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.814Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:0837", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "95678", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95678", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412259", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "icoutils", vendor: "Debian", versions: [ { status: "affected", version: "before 0.31.1", }, ], }, ], datePublic: "2017-01-08T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-04T20:24:00", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "RHSA-2017:0837", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "95678", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95678", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412259", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2017-5333", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "icoutils", version: { version_data: [ { version_value: "before 0.31.1", }, ], }, }, ], }, vendor_name: "Debian", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:0837", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "95678", refsource: "BID", url: "http://www.securityfocus.com/bid/95678", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "DSA-3765", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1412259", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412259", }, { name: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a", refsource: "CONFIRM", url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2017-5333", datePublished: "2019-11-04T20:24:00", dateReserved: "2017-01-10T00:00:00", dateUpdated: "2024-08-05T14:55:35.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5332
Vulnerability from cvelistv5
Published
2019-11-04 20:24
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2017-0837.html | vendor-advisory, x_refsource_REDHAT | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html | vendor-advisory, x_refsource_SUSE | |
http://www.openwall.com/lists/oss-security/2017/01/11/3 | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/95380 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2017/dsa-3765 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://www.ubuntu.com/usn/USN-3178-1 | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://bugzilla.redhat.com/show_bug.cgi?id=1412263 | x_refsource_CONFIRM | |
https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:0837", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "95380", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95380", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412263", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "icoutils", vendor: "Debian", versions: [ { status: "affected", version: "before 0.31.1", }, ], }, ], datePublic: "2017-01-10T00:00:00", descriptions: [ { lang: "en", value: "The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-04T20:24:14", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "RHSA-2017:0837", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "95380", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95380", }, { name: "DSA-3765", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412263", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2017-5332", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "icoutils", version: { version_data: [ { version_value: "before 0.31.1", }, ], }, }, ], }, vendor_name: "Debian", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:0837", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0837.html", }, { name: "openSUSE-SU-2017:0167", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html", }, { name: "[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2017/01/11/3", }, { name: "95380", refsource: "BID", url: "http://www.securityfocus.com/bid/95380", }, { name: "DSA-3765", refsource: "DEBIAN", url: "http://www.debian.org/security/2017/dsa-3765", }, { name: "openSUSE-SU-2017:0168", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html", }, { name: "USN-3178-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-3178-1", }, { name: "openSUSE-SU-2017:0166", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1412263", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1412263", }, { name: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a", refsource: "CONFIRM", url: "https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2017-5332", datePublished: "2019-11-04T20:24:14", dateReserved: "2017-01-10T00:00:00", dateUpdated: "2024-08-05T14:55:35.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }