Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.871790
Kategorie:Red Hat Local Security Checks
Titel:RedHat Update for icoutils RHSA-2017:0837-01
Zusammenfassung:The remote host is missing an update for the 'icoutils'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'icoutils'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The icoutils are a set of programs for
extracting and converting images in Microsoft Windows icon and cursor files. These
files usually have the extension .ico or .cur, but they can also be embedded in
executables or libraries.

Security Fix(es):

* Multiple vulnerabilities were found in icoutils, in the wrestool program.
An attacker could create a crafted executable that, when read by wrestool,
could result in memory corruption leading to a crash or potential code
execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009)

* A vulnerability was found in icoutils, in the wrestool program. An
attacker could create a crafted executable that, when read by wrestool,
could result in failure to allocate memory or an over-large memcpy
operation, leading to a crash. (CVE-2017-5332)

* Multiple vulnerabilities were found in icoutils, in the icotool program.
An attacker could create a crafted ICO or CUR file that, when read by
icotool, could result in memory corruption leading to a crash or potential
code execution. (CVE-2017-6010, CVE-2017-6011)

Affected Software/OS:
icoutils on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-5208
BugTraq ID: 95315
http://www.securityfocus.com/bid/95315
Debian Security Information: DSA-3756 (Google Search)
http://www.debian.org/security/2017/dsa-3756
https://security.gentoo.org/glsa/201801-12
http://www.openwall.com/lists/oss-security/2017/01/08/5
RedHat Security Advisories: RHSA-2017:0837
http://rhn.redhat.com/errata/RHSA-2017-0837.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5332
BugTraq ID: 95380
http://www.securityfocus.com/bid/95380
Debian Security Information: DSA-3765 (Google Search)
http://www.debian.org/security/2017/dsa-3765
http://www.openwall.com/lists/oss-security/2017/01/11/3
SuSE Security Announcement: openSUSE-SU-2017:0166 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html
SuSE Security Announcement: openSUSE-SU-2017:0167 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html
SuSE Security Announcement: openSUSE-SU-2017:0168 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html
http://www.ubuntu.com/usn/USN-3178-1
Common Vulnerability Exposure (CVE) ID: CVE-2017-5333
BugTraq ID: 95678
http://www.securityfocus.com/bid/95678
Common Vulnerability Exposure (CVE) ID: CVE-2017-6009
BugTraq ID: 96292
http://www.securityfocus.com/bid/96292
Debian Security Information: DSA-3807 (Google Search)
http://www.debian.org/security/2017/dsa-3807
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854050
Common Vulnerability Exposure (CVE) ID: CVE-2017-6010
BugTraq ID: 96288
http://www.securityfocus.com/bid/96288
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854054
Common Vulnerability Exposure (CVE) ID: CVE-2017-6011
BugTraq ID: 96267
http://www.securityfocus.com/bid/96267
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.