Unrated severityNVD Advisory· Published Dec 13, 2013· Updated Apr 29, 2026
CVE-2013-4988
CVE-2013-4988
Description
Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. NOTE: some of these details are obtained from third party information.
Affected products
11cpe:2.3:a:icofx:icofx:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:icofx:icofx:*:*:*:*:*:*:*:*range: <=2.5
- cpe:2.3:a:icofx:icofx:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- archives.neohapsis.com/archives/bugtraq/2013-12/0046.htmlnvdExploit
- packetstormsecurity.com/files/124380/IcoFX-2.5.0.0-Buffer-Overflow.htmlnvdExploit
- seclists.org/fulldisclosure/2013/Dec/54nvdExploit
- www.coresecurity.com/advisories/icofx-buffer-overflow-vulnerabilitynvdExploit
- www.exploit-db.com/exploits/30208nvdExploit
- secunia.com/advisories/55964nvdVendor Advisory
- osvdb.org/100826nvd
- packetstormsecurity.com/files/162995/IcoFX-2.6-Buffer-Overflow.htmlnvd
- www.securityfocus.com/bid/64221nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/89611nvd
News mentions
0No linked articles in our index yet.