Your submission was sent successfully! Close

CVE-2007-5137

Published: 28 September 2007

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.

Priority

Medium

Status

Package Release Status
libtk-img
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
gutsy Needed
(reached end-of-life)
hardy Ignored
(reached end-of-life)
intrepid
Released (1:1.3-release-7+lenny1build0.8.10.1)
jaunty Not vulnerable

karmic Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

upstream
Released (1:1.3-release-8)
tk8.3
Launchpad, Ubuntu, Debian
dapper
Released (8.3.5-4ubuntu1.1)
edgy
Released (8.3.5-6ubuntu1.1)
feisty
Released (8.3.5-6ubuntu2.1)
hardy Not vulnerable
(8.3.5-12ubuntu1)
intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

oneiric Does not exist

upstream
Released (8.3.5-9)
tk8.4
Launchpad, Ubuntu, Debian
dapper
Released (8.4.12-0ubuntu1.1)
edgy
Released (8.4.12-1ubuntu0.1)
feisty
Released (8.4.14-0ubuntu2.1)
hardy Not vulnerable
(8.4.16-2ubuntu1)
intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

upstream
Released (8.4.16)

Notes

AuthorNote
jdstrand
CVE only affects feisty and gutsy tk8.4.  These releases have a fix
for tcl/tk bug #1458234, which either introduced or unmasked the issue in
this CVE (investigate). Bug #1458234 is a memory corruption crasher as well,
and though it doesn't have a CVE, it should be fixed. tk8.3 is affected by
#1458234 in all releases, so when fixing it, be sure to fix the CVE as well.
tk8.4 in dapper and edgy need both fixes too.

References