FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

icoutils -- check_offset overflow on 64-bit systems

Affected packages
icoutils < 0.31.1


VuXML ID 57facd35-ddf6-11e6-915d-001b3856973b
Discovery 2017-01-03
Entry 2017-01-19

Choongwoo Han reports:

An exploitable crash exists in the wrestool utility on 64-bit systems where the result of subtracting two pointers exceeds the size of int.


CVE Name CVE-2017-5208
CVE Name CVE-2017-5331
CVE Name CVE-2017-5332
CVE Name CVE-2017-5333