Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-5137

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.

Related bugs and status

CVE-2007-5137 (Candidate) is related to these bugs:

Bug #151008: tk8.4 buffer overrun

Summary				In	Importance	Status
	151008	tk8.4 buffer overrun		tk8.4 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://sourceforge.net...
SECUNIA: 26942
BID: 25826
MISC: http://bugs.gentoo.org...
GENTOO: GLSA-200710-07
SECUNIA: 27086
SUSE: SUSE-SR:2007:020
UBUNTU: USN-529-1
SECUNIA: 27207
FEDORA: FEDORA-2007-2564
MANDRIVA: MDKSA-2007:200
SECUNIA: 27182
SECUNIA: 27295
VIM: 20071012 clarification...
SECUNIA: 27229
REDHAT: RHSA-2008:0136
SECUNIA: 29069
DEBIAN: DSA-1743
SECUNIA: 34297
OVAL: oval:org.mitre.oval:de...