Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.8
CVE Id: CVE-2008-0553
Last Modified: 29 Oct 2012 11:06:25
Published: 07 Feb 2008 04:00:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2008-0553

Summary

Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.

Vulnerable Systems

Application

  • Tcl Tk 2.1

  • Tcl Tk 3.3

  • Tcl Tk 4.0p1

  • Tcl Tk 6.1

  • Tcl Tk 6.1p1

  • Tcl Tk 6.2

  • Tcl Tk 6.4

  • Tcl Tk 6.5

  • Tcl Tk 6.6

  • Tcl Tk 6.7

  • Tcl Tk 7.0

  • Tcl Tk 7.1

  • Tcl Tk 7.3

  • Tcl Tk 7.4

  • Tcl Tk 7.5

  • Tcl Tk 7.5p1

  • Tcl Tk 7.6

  • Tcl Tk 7.6p2

  • Tcl Tk 8.0

  • Tcl Tk 8.0.3

  • Tcl Tk 8.0.4

  • Tcl Tk 8.0.5

  • Tcl Tk 8.0p2

  • Tcl Tk 8.1

  • Tcl Tk 8.1.1

  • Tcl Tk 8.2.0

  • Tcl Tk 8.2.1

  • Tcl Tk 8.2.2

  • Tcl Tk 8.2.3

  • Tcl Tk 8.3.0

  • Tcl Tk 8.3.1

  • Tcl Tk 8.3.2

  • Tcl Tk 8.3.3

  • Tcl Tk 8.3.4

  • Tcl Tk 8.3.5

  • Tcl Tk 8.4.0

  • Tcl Tk 8.4.1

  • Tcl Tk 8.4.10

  • Tcl Tk 8.4.11

  • Tcl Tk 8.4.12

  • Tcl Tk 8.4.13

  • Tcl Tk 8.4.14

  • Tcl Tk 8.4.15

  • Tcl Tk 8.4.16

  • Tcl Tk 8.4.17

  • Tcl Tk 8.4.2

  • Tcl Tk 8.4.3

  • Tcl Tk 8.4.4

  • Tcl Tk 8.4.5

  • Tcl Tk 8.4.6

  • Tcl Tk 8.4.7

  • Tcl Tk 8.4.8

  • Tcl Tk 8.4.9

  • Tcl Tk 8.4a2

  • Tcl Tk 8.4a3

  • Tcl Tk 8.4a4

  • Tcl Tk 8.4b1

  • Tcl Tk 8.4b2

  • Tcl Tk 8.5 A3

  • Tcl Tk 8.5.0

  • Tcl Tk 8.5a1

  • Tcl Tk 8.5a2

  • Tcl Tk 8.5a3

  • Tcl Tk 8.5a4

  • Tcl Tk 8.5a5

  • Tcl Tk 8.5a6

  • Tcl Tk 8.5b1

  • Tcl Tk 8.5b2

  • Tcl Tk 8.5b3


References

BID - 27655

SECUNIA - 28784

FEDORA - FEDORA-2008-3545

FEDORA - FEDORA-2008-1384

FEDORA - FEDORA-2008-1122

FEDORA - FEDORA-2008-1131

FEDORA - FEDORA-2008-1323

CONFIRM - https://issues.rpath.com/browse/RPL-2215

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=431518

VUPEN - ADV-2008-1744

VUPEN - ADV-2008-1456

VUPEN - ADV-2008-0430

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0009.html

BUGTRAQ - 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

BUGTRAQ - 20080212 rPSA-2008-0054-1 tk

REDHAT - RHSA-2008:0136

REDHAT - RHSA-2008:0135

REDHAT - RHSA-2008:0134

SUSE - SUSE-SR:2008:013

MANDRIVA - MDVSA-2008:041

DEBIAN - DSA-1598

DEBIAN - DSA-1491

DEBIAN - DSA-1490

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2008-0054

SUNALERT - 237465

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894

SECTRACK - 1019309

SECUNIA - 30783

SECUNIA - 30717

SECUNIA - 30535

SECUNIA - 30188

SECUNIA - 30129

SECUNIA - 29622

SECUNIA - 29070

SECUNIA - 29069

SECUNIA - 28954

SECUNIA - 28867

SECUNIA - 28857

SECUNIA - 28848

SECUNIA - 28807

SUSE - SUSE-SR:2008:008

UBUNTU - USN-664-1

SECUNIA - 32608

Related Patches

Novell SUSE 2008:4974 tk security update for SLE 10 SP1 i586

VMware VMSA 2008-0009.2 VMware Fusion 2.0.1 Update for Mac (Rev 2)


Last Updated: 27 May 2016 10:47:14