Vulnerability CVE-2007-5378

Vulnerability Name:

CVE-2007-5378 (CCN-37189)

Assigned:

2006-03-25

Published:

2006-03-25

Updated:

2018-10-15

Summary:

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Denial of Service

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:tcl_tk:tk_toolkit:*:*:*:*:*:*:*:* (Version <= 8.3.5)

OR cpe:/a:tcl_tk:tk_toolkit:*:*:*:*:*:*:*:* (Version <= 8.4.12)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:8362	P	DSA-1743 libtk-img -- buffer overflows	2015-02-23
oval:org.mitre.oval:def:13621	P	DSA-1743-1 libtk-img -- buffer overflows	2015-02-23
oval:org.mitre.oval:def:17727	P	USN-529-1 -- tk8.3, tk8.4 vulnerability	2014-06-30
oval:org.mitre.oval:def:18685	P	DSA-1416-1 tk8.3 - buffer overflow	2014-06-23
oval:org.mitre.oval:def:19954	P	DSA-1415-1 tk8.4 - buffer overflow	2014-06-23
oval:org.mitre.oval:def:9480	V	Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.	2013-04-29
oval:org.debian:def:1743	V	buffer overflows	2009-03-17
oval:com.redhat.rhsa:def:20080134	P	RHSA-2008:0134: tcltk security update (Moderate)	2008-03-20
oval:com.redhat.rhsa:def:20080135	P	RHSA-2008:0135: tk security update (Moderate)	2008-02-22
oval:org.debian:def:1415	V	buffer overflow	2007-11-27

BACK