Lucene search

[email protected]CVE-2008-0553

HistoryFeb 07, 2008 - 9:00 p.m.

CVE-2008-0553

2008-02-0721:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0553

stack-based buffer overflow

readimage function

tcl/tk

remote code execution

gif image

nvd

9.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.207 Low

EPSS

Percentile

96.3%

JSON

Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.

CPENameOperatorVersion
tcl_tk:tcl_tktcl tkeq6.2
tcl_tk:tcl_tktcl tkeq7.6
tcl_tk:tcl_tktcl tkeq8.4.8
tcl_tk:tcl_tktcl tkeq8.5a3
tcl_tk:tcl_tktcl tkeq8.4.2
tcl_tk:tcl_tktcl tkeq8.4.1
tcl_tk:tcl_tktcl tkeq8.0p2
tcl_tk:tcl_tktcl tkeq6.7
tcl_tk:tcl_tktcl tkeq8.4a2
tcl_tk:tcl_tktcl tkeq8.3.4

CPE	Name	Operator	Version
tcl_tk:tcl_tk	tcl tk	eq	6.2
tcl_tk:tcl_tk	tcl tk	eq	7.6
tcl_tk:tcl_tk	tcl tk	eq	8.4.8
tcl_tk:tcl_tk	tcl tk	eq	8.5a3
tcl_tk:tcl_tk	tcl tk	eq	8.4.2
tcl_tk:tcl_tk	tcl tk	eq	8.4.1
tcl_tk:tcl_tk	tcl tk	eq	8.0p2
tcl_tk:tcl_tk	tcl tk	eq	6.7
tcl_tk:tcl_tk	tcl tk	eq	8.4a2
tcl_tk:tcl_tk	tcl tk	eq	8.3.4

Rows per page:

1-10 of 691

References

lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

secunia.com/advisories/28784

secunia.com/advisories/28807

secunia.com/advisories/28848

secunia.com/advisories/28857

secunia.com/advisories/28867

secunia.com/advisories/28954

secunia.com/advisories/29069

secunia.com/advisories/29070

secunia.com/advisories/29622

secunia.com/advisories/30129

secunia.com/advisories/30188

secunia.com/advisories/30535

secunia.com/advisories/30717

secunia.com/advisories/30783

secunia.com/advisories/32608

securitytracker.com/id?1019309

sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894

sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1

ubuntu.com/usn/usn-664-1

wiki.rpath.com/Advisories:rPSA-2008-0054

www.debian.org/security/2008/dsa-1490

www.debian.org/security/2008/dsa-1491

www.debian.org/security/2008/dsa-1598

www.mandriva.com/security/advisories?name=MDVSA-2008:041

www.novell.com/linux/security/advisories/2008_13_sr.html

www.redhat.com/support/errata/RHSA-2008-0134.html

www.redhat.com/support/errata/RHSA-2008-0135.html

www.redhat.com/support/errata/RHSA-2008-0136.html

www.securityfocus.com/archive/1/488069/100/0/threaded

www.securityfocus.com/archive/1/493080/100/0/threaded

www.securityfocus.com/bid/27655

www.vmware.com/security/advisories/VMSA-2008-0009.html

www.vupen.com/english/advisories/2008/0430

www.vupen.com/english/advisories/2008/1456/references

www.vupen.com/english/advisories/2008/1744

bugzilla.redhat.com/show_bug.cgi?id=431518

issues.rpath.com/browse/RPL-2215

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098

www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html

www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html

www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html

www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html

www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html

9.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.207 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2008-0553

prion4 nessus54 fedora7 debiancve5 ubuntucve5 openvas79 osv2 debian3 ubuntu2 securityvulns4 seebug1 centos6 redhat6 oraclelinux6 cve4 gentoo2 vmware2 freebsd1 suse1