18 matches found
Scientific Linux Security Update : tk on SL4.x, SL5.x i386/x86_64
An input validation flaw was discovered in Tk's GIF image handling. A code-size value read from a GIF image was not properly validated before being used, leading to a buffer overflow. A specially crafted GIF file could use this to cause a crash or, potentially, execute code with the privileges of...
SLES9: Security update for Tk
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: tk-devel tk For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5010158 within the...
SLES9: Security update for Tk
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: tk-devel tk For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5010158 within the...
Debian Security Advisory DSA 1743-1 (libtk-img)
The remote host is missing an update to libtk-img announced via advisory DSA 1743-1. OpenVAS Vulnerability Test $Id: deb17431.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1743-1 libtk-img Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Ubuntu USN-736-1 (gst-plugins-good0.10)
The remote host is missing an update to gst-plugins-good0.10 announced via advisory USN-736-1. OpenVAS Vulnerability Test $Id: ubuntu7361.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7361.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-736-1...
[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1743-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 17, 2009 http://www.debian.org/security/faq -...
DSA-1743-1 libtk-img - arbitrary code execution
Bulletin has no description...
Debian DSA-1743-1 : libtk-img - buffer overflows
Two buffer overflows have been found in the GIF image parsing code of Tk, a cross-platform graphical toolkit, which could lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5137 It was discovered that libtk-img ...
Fedora Update for tk FEDORA-2007-2564
Check for the Version of tk OpenVAS Vulnerability Test Fedora Update for tk FEDORA-2007-2564 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...
CentOS Update for tk CESA-2008:0136 centos5 x86_64
Check for the Version of tk OpenVAS Vulnerability Test CentOS Update for tk CESA-2008:0136 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for tk FEDORA-2007-2564
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tk FEDORA-2008-1131
Check for the Version of tk OpenVAS Vulnerability Test Fedora Update for tk FEDORA-2008-1131 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...
Gentoo Security Advisory GLSA 200710-07 (tk)
The remote host is missing updates announced in advisory GLSA 200710-07. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 5 : tk (CESA-2008:0136)
Updated tk packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tk is a graphical toolkit for the Tcl scripting language. An input validation flaw was discovered in...
RHEL 5 : tk (RHSA-2008:0136)
Updated tk packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tk is a graphical toolkit for the Tcl scripting language. An input validation flaw was discovered in...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5137. Reason: This candidate is a duplicate of CVE-2007-5137. Notes: All CVE users should reference CVE-2007-5137 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-5137
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl Tcl/Tk 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for...
CVE-2007-5137
The CVE-2007-5137 issue affects Tcl/Tk, specifically Tk’s GIF handling in ReadImage() (generic/tkImgGIF.c) for Tcl/Tk 8.4.13–8.4.15. The vulnerability is a buffer overflow triggered by interlaced/animated GIFs where later frames are smaller than the first, potentially enabling remote code executi...