An integer overflow vulnerability was found in the wrestool program of icoutils. A maliciously crafted file could make the application crash or possibly allow code execution. This CVE covers an insufficient patch for CVE-2017-5208.
This issue did not affect the versions of icoutils as shipped with Red Hat Enterprise Linux 7 as they did not backport the vulnerable patches provided to fix a previous flaw (CVE-2017-5208).
Created icoutils tracking bugs for this issue:
Affects: fedora-all [bug 1412265]
Affects: epel-6 [bug 1412266]