CVE-2017-16612 log

Severity High
Remote Yes
Type Arbitrary code execution
It was discovered that libxcursor before 1.1.15 is vulnerable to heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments. An attacker could use local privileges or trick a user into parsing a malicious file to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-532 lib32-libxcursor 1.1.14-1 1.1.15-1 High Fixed
AVG-531 libxcursor 1.1.14-1 1.1.15-1 High Fixed
Date Advisory Group Package Severity Type
30 Nov 2017 ASA-201711-42 AVG-532 lib32-libxcursor High arbitrary code execution
30 Nov 2017 ASA-201711-41 AVG-531 libxcursor High arbitrary code execution