Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-5137HistorySep 28, 2007 - 9:17 p.m.
CVE-2007-5137
2007-09-2821:17:00
Debian Security Bug Tracker
security-tracker.debian.org
14
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.344 Low
EPSS
Percentile
97.1%
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libtk-img | < 1.3-release-8 | libtk-img_1.3-release-8_all.deb |
| Debian | 11 | all | libtk-img | < 1.3-release-8 | libtk-img_1.3-release-8_all.deb |
| Debian | 999 | all | libtk-img | < 1.3-release-8 | libtk-img_1.3-release-8_all.deb |
| Debian | 13 | all | libtk-img | < 1.3-release-8 | libtk-img_1.3-release-8_all.deb |
Related
openvas
openvas
Debian: Security Advisory (DSA-1743-1)
2009-03-19 00:00:00
Ubuntu: Security Advisory (USN-529-1)
2009-03-23 00:00:00
Mandriva Update for tk MDKSA-2007:200 (tk)
2009-04-09 00:00:00
prion
prion
Buffer overflow
2007-09-28 21:17:00
Buffer overflow
2007-10-12 01:17:00
Design/Logic Flaw
2007-10-08 19:17:00
cvelist
cvelist
CVE-2007-5137
2007-09-28 21:00:00
CVE-2007-5378
2007-10-12 01:00:00
nvd
nvd
ubuntucve
ubuntucve
CVE-2007-5137
2007-09-28 00:00:00
CVE-2007-5378
2007-10-11 00:00:00
nessus
nessus
Debian DSA-1743-1 : libtk-img - buffer overflows
2009-03-17 00:00:00
Debian DSA-1416-1 : tk8.3 - buffer overflow
2007-11-29 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 : tk8.3, tk8.4 vulnerability (USN-529-1)
2007-11-10 00:00:00
osv
osv
libtk-img - arbitrary code execution
2009-03-17 00:00:00
tk8.4 - buffer overflow
2007-11-27 00:00:00
debian
debian
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution
2009-03-17 08:52:05
[SECURITY] [DSA 1415-1] New tk8.4 packages fix arbitrary code execution
2007-11-27 20:51:17
[SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution
2007-11-27 20:56:39
cve
cve
debiancve
debiancve
CVE-2007-5378
2007-10-12 01:17:00
ubuntu
ubuntu
Tk vulnerability
2007-10-11 00:00:00
oraclelinux
oraclelinux
Moderate: tk security update
2008-02-21 00:00:00
Moderate: tk security update
2008-02-22 00:00:00
Moderate: tcltk security update
2008-02-22 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: tk-8.4.13-6.fc7
2007-10-18 02:25:24
[SECURITY] Fedora 7 Update: tk-8.4.13-7.fc7
2008-02-07 20:55:44
securityvulns
securityvulns
TK graphics library buffer overflow
2007-10-15 00:00:00
[SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution
2007-11-29 00:00:00
[USN-529-1] Tk vulnerability
2007-10-15 00:00:00
freebsd
freebsd
tcl/tk -- buffer overflow in ReadImage function
2007-09-27 00:00:00
redhat
redhat
(RHSA-2008:0136) Moderate: tk security update
2008-02-21 00:00:00
(RHSA-2008:0135) Moderate: tk security update
2008-02-21 00:00:00
(RHSA-2008:0134) Moderate: tcltk security update
2008-02-21 00:00:00
centos
centos
tk security update
2008-02-22 15:57:50
tk security update
2008-02-23 11:54:01
expect, itcl, tcl, tcllib, tclx, tix, tk security update
2008-02-23 01:59:42
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.344 Low
EPSS
Percentile
97.1%
Related for DEBIANCVE:CVE-2007-5137