Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-07
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-06
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-04
Updated
2019-11-05
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
Max CVSS
7.8
EPSS Score
0.13%
Published
2019-11-14
Updated
2020-08-18
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-14
Updated
2019-11-19
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!