1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: IcoFX ICONDIR CVE-2013-4988

Web Attack: IcoFX ICONDIR CVE-2013-4988

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt of leveraging a buffer overflow vulnerability in IcoFX which may lead to arbitrary code execution.

Additional Information

IcoFX is a icon and cursor editor application.

IcoFX is prone to a remote buffer-overflow vulnerability. Specifically, this issue occurs when the application handles a specially crafted '.ico' file.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.


  • IcoFX 2.5 and earlier.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube