fkie_cve-2008-0553
Vulnerability from fkie_nvd
Published
2008-02-07 21:00
Modified
2024-11-21 00:42
Severity ?
Summary
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
secalert@redhat.comhttp://secunia.com/advisories/28784Patch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28807Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28848Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28857Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28867Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/28954Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29069Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29070Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/29622Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30129Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30188Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30535Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30717Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30783Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/32608
secalert@redhat.comhttp://securitytracker.com/id?1019309
secalert@redhat.comhttp://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1
secalert@redhat.comhttp://ubuntu.com/usn/usn-664-1
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0054
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1490
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1491
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1598
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:041
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2008_13_sr.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0134.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0135.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0136.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/488069/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/493080/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/27655Patch
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2008-0009.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0430Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1456/referencesVendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1744Vendor Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=431518
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2215
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28784Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28807Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28848Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28857Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28867Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28954Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29069Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29070Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29622Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30129Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30188Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30535Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30717Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30783Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32608
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019309
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1
af854a3a-2127-422b-91ae-364da2661108http://ubuntu.com/usn/usn-664-1
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0054
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1490
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1491
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1598
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:041
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2008_13_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0134.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0135.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0136.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/488069/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493080/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27655Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0009.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0430Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1456/referencesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1744Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=431518
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2215
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html
Impacted products
Vendor Product Version
tcl_tk tcl_tk *
tcl_tk tcl_tk 2.1
tcl_tk tcl_tk 3.3
tcl_tk tcl_tk 4.0p1
tcl_tk tcl_tk 6.1
tcl_tk tcl_tk 6.1p1
tcl_tk tcl_tk 6.2
tcl_tk tcl_tk 6.4
tcl_tk tcl_tk 6.5
tcl_tk tcl_tk 6.6
tcl_tk tcl_tk 6.7
tcl_tk tcl_tk 7.0
tcl_tk tcl_tk 7.1
tcl_tk tcl_tk 7.3
tcl_tk tcl_tk 7.4
tcl_tk tcl_tk 7.5
tcl_tk tcl_tk 7.5p1
tcl_tk tcl_tk 7.6
tcl_tk tcl_tk 7.6p2
tcl_tk tcl_tk 8.0
tcl_tk tcl_tk 8.0.3
tcl_tk tcl_tk 8.0.4
tcl_tk tcl_tk 8.0.5
tcl_tk tcl_tk 8.0p2
tcl_tk tcl_tk 8.1
tcl_tk tcl_tk 8.1.1
tcl_tk tcl_tk 8.2.0
tcl_tk tcl_tk 8.2.1
tcl_tk tcl_tk 8.2.2
tcl_tk tcl_tk 8.2.3
tcl_tk tcl_tk 8.3.0
tcl_tk tcl_tk 8.3.1
tcl_tk tcl_tk 8.3.2
tcl_tk tcl_tk 8.3.3
tcl_tk tcl_tk 8.3.4
tcl_tk tcl_tk 8.3.5
tcl_tk tcl_tk 8.4.0
tcl_tk tcl_tk 8.4.1
tcl_tk tcl_tk 8.4.2
tcl_tk tcl_tk 8.4.3
tcl_tk tcl_tk 8.4.4
tcl_tk tcl_tk 8.4.5
tcl_tk tcl_tk 8.4.6
tcl_tk tcl_tk 8.4.7
tcl_tk tcl_tk 8.4.8
tcl_tk tcl_tk 8.4.9
tcl_tk tcl_tk 8.4.10
tcl_tk tcl_tk 8.4.11
tcl_tk tcl_tk 8.4.12
tcl_tk tcl_tk 8.4.13
tcl_tk tcl_tk 8.4.14
tcl_tk tcl_tk 8.4.15
tcl_tk tcl_tk 8.4.16
tcl_tk tcl_tk 8.4a2
tcl_tk tcl_tk 8.4a3
tcl_tk tcl_tk 8.4a4
tcl_tk tcl_tk 8.4b1
tcl_tk tcl_tk 8.4b2
tcl_tk tcl_tk 8.5.0
tcl_tk tcl_tk 8.5_a3
tcl_tk tcl_tk 8.5a1
tcl_tk tcl_tk 8.5a2
tcl_tk tcl_tk 8.5a3
tcl_tk tcl_tk 8.5a4
tcl_tk tcl_tk 8.5a5
tcl_tk tcl_tk 8.5a6
tcl_tk tcl_tk 8.5b1
tcl_tk tcl_tk 8.5b2
tcl_tk tcl_tk 8.5b3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DF6AAA4-A3BD-4436-B5A5-070AC79F260D",
              "versionEndIncluding": "8.4.17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F06FEF3-A290-4256-ADB7-BC6E59A57852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F451113-3A1C-455C-A328-149121C8C204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13A85D7C-DF70-4AF6-94F0-881D35082E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E131184A-BD9E-41CF-B3D0-AB9E87834C25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "546DC29B-2A50-420A-AECD-EF526363AF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "25B5AC3C-9F3E-499F-9EA7-5A0F9A889934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9819E03A-8A9E-4483-BBEB-4B3708798960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D7BBC1-70C7-4509-B9A7-4B08615B1BBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CCF8D59-9712-4C55-A680-7DD7C17EE8C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4B0EEA-735E-4BB6-96E4-133F293A7295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2545F45-2F35-442B-84BA-DC7649E55672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D4364D-9BB0-47A2-BFA6-37C369C3E6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A799BDBF-A56B-4125-A385-5FF87A0B069A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "509225EF-4423-45AE-AC86-5CF7188DF7B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B924063-CD33-44ED-BBB6-42FC6A12BD8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C9F9F96-DE6F-4B77-8715-360543E95E19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F297D4B0-40DE-4728-B840-584441AB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65C60D84-229A-43CA-8481-5634A3CFBF1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "05182123-3F45-4936-A7F1-5B1328C81C13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9583698-C566-40DF-912F-325454C74F85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E514C1-574A-41B3-84AB-50014CDAEE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3CFE21-4641-4982-9791-ABD3FE1311BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5FFF507-18EE-4C64-BB86-48C97D7C9CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C64F535C-A346-456F-AD99-8B135121390C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49767838-28BB-4B95-B70C-CD945B3E6559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1734A66C-D961-4740-82F4-F93B6D502C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F9AD15-E604-4048-97C2-480AF00BE3C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C10E232-F532-4F2E-9DA7-44C10719CAC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9E15B7-5018-4941-8DC9-A6FC84262F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4793F51C-293F-4A56-8789-B04FE3CBA958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270A67C9-96BC-4B36-8B66-2EFFB7708C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "955AA2E1-9B15-431C-8A24-DC2A06E24715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F55BFF-E9E1-4C97-A0DB-5F905406C55E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8536661B-E5A9-4D08-BC0E-0770A37E0545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "574D7E14-49CE-478F-BD12-804F13146E2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5165B956-F82A-4500-8B04-ADA0A100C4EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CB2CB3-BBC6-4F69-BDEB-53377444BD61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "56710692-2D3A-4FB1-A3FD-8875946B7130",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "219B6B61-C2CE-418B-81A0-C9CEE6B9474A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "18EA39DD-B688-420B-A0EC-CE6F99DE2BE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6103F8D2-277F-4ECF-B72C-90E97896758B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C5C1CF-6DAF-4521-AFE9-606A5436C40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70C2629-E2C1-422D-BDFA-1E0495A5ED4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "89651A15-A000-42A8-9268-4014BF34410A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4B54926-8A20-4743-9F9B-D255A84FE6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "39901A5E-7CB4-42C8-90A1-25487BA0FC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA3ECB75-5962-4362-98CF-CC31F72ED021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0689AA7-2B44-4202-B782-E47612115700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2BA9A0-AE55-4F30-B27D-E48F2371F29F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC8A3AA4-2236-40BA-99BB-A215B69230A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D892065-8B50-48FE-8716-09F351104FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA27B876-A7F8-4805-B653-21D31D06CFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2872DCD-CD4E-4341-BE3F-0CED3F06B934",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*",
              "matchCriteriaId": "514AD04E-39AE-49FB-AB26-B425F1D5B34D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE837C2-2C20-4F8B-A92C-0F5D97974522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA678572-F6AE-4CC3-AE58-D420D695A297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D643E2-5344-4B34-AD4B-20B4870E40F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "41FEC657-2316-45B6-B9DC-1F87C9A74CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D387207-B013-4D8A-82C4-F4B6FB004E09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF dise\u00f1ada, un problema similar a CVE-2006-4484."
    }
  ],
  "id": "CVE-2008-0553",
  "lastModified": "2024-11-21T00:42:22.263",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-07T21:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28784"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28807"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28848"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28857"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28867"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28954"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29069"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29070"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29622"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30129"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30188"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30535"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30783"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32608"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1019309"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://ubuntu.com/usn/usn-664-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1490"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1491"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1598"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27655"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0430"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1456/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2215"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28807"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28848"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-664-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1598"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0430"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1456/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.