Comment # 2 on bug 1025700 from Mikhail Kasimov

Ref: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6010
====================================================================
 Original release date: 02/16/2017
Last revised: 02/16/2017
Source: US-CERT/NIST
Awaiting Analysis

This vulnerability is currently awaiting analysis.
Overview

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in
the "extract_icons" function in the "extract.c" source file. This issue can be
triggered by processing a corrupted ico file and will result in an icotool
crash.
References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided
these links to other web sites because they may have information that would be
of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are
more appropriate for your purpose. NIST does not necessarily endorse the views
expressed, or concur with the facts presented on these sites. Further, NIST
does not endorse any commercial products that may be mentioned on these sites.
Please address comments about this page to nvd@nist.gov.


External Source: MISC
Name: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854054
Hyperlink: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854054
====================================================================