Vulnerability Name:

CVE-2008-0553 (CCN-40285)

Assigned:2008-02-01
Published:2008-02-01
Updated:2018-10-15
Summary:Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-0553

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:008

Source: CCN
Type: RHSA-2008-0134
Moderate: tcltk security update

Source: CCN
Type: RHSA-2008-0135
Moderate: tk security update

Source: CCN
Type: RHSA-2008-0136
Moderate: tk security update

Source: CCN
Type: SA28784
Tk GIF Processing Buffer Overflow Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
28784

Source: SECUNIA
Type: Vendor Advisory
28807

Source: SECUNIA
Type: Vendor Advisory
28848

Source: SECUNIA
Type: Vendor Advisory
28857

Source: SECUNIA
Type: Vendor Advisory
28867

Source: SECUNIA
Type: Vendor Advisory
28954

Source: SECUNIA
Type: Vendor Advisory
29069

Source: SECUNIA
Type: Vendor Advisory
29070

Source: SECUNIA
Type: Vendor Advisory
29622

Source: CCN
Type: SA30129
Sun Solaris Tk GIF Processing Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
30129

Source: SECUNIA
Type: Vendor Advisory
30188

Source: CCN
Type: SA30535
VMware ESX Server Multiple Security Updates

Source: SECUNIA
Type: Vendor Advisory
30535

Source: SECUNIA
Type: Vendor Advisory
30717

Source: SECUNIA
Type: Vendor Advisory
30783

Source: SECUNIA
Type: UNKNOWN
32608

Source: CCN
Type: SECTRACK ID: 1019309
Tcl/Tk Buffer Overflow in Processing GIF Files Lets Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1019309

Source: CCN
Type: SourceForge.net: Files
Tcl - File Release Notes and Changelog - Release Name: 8.5.1

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894

Source: SUNALERT
Type: UNKNOWN
237465

Source: CCN
Type: Sun Alert ID: 237465
Security Vulnerabilities in the Tcl GUI Toolkit Library may lead to arbitrary code execution or Denial of Service (DoS)

Source: CCN
Type: ASA-2008-088
tk security update (RHSA-2008-0135)

Source: CCN
Type: ASA-2008-094
tcltk security update (RHSA-2008-0134)

Source: CCN
Type: ASA-2008-215
Security Vulnerabilities in the Tcl GUI Toolkit Library may lead to arbitrary code execution or Denial of Service (DoS) (Sun 237465)

Source: UBUNTU
Type: UNKNOWN
USN-664-1

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2008-0054

Source: DEBIAN
Type: UNKNOWN
DSA-1490

Source: DEBIAN
Type: UNKNOWN
DSA-1491

Source: DEBIAN
Type: UNKNOWN
DSA-1598

Source: DEBIAN
Type: DSA-1490
tk8.3 -- buffer overflow

Source: DEBIAN
Type: DSA-1491
tk8.4 -- buffer overflow

Source: DEBIAN
Type: DSA-1598
libtk-img -- buffer overflow

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:041

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:013

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0134

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0135

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0136

Source: BUGTRAQ
Type: UNKNOWN
20080212 rPSA-2008-0054-1 tk

Source: BUGTRAQ
Type: UNKNOWN
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

Source: BID
Type: Patch
27655

Source: CCN
Type: BID-27655
Tcl/Tk Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability

Source: CCN
Type: USN-664-1
Tk vulnerability

Source: CCN
Type: VMSA-2008-0009
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0430

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1456

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1744

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=431518

Source: XF
Type: UNKNOWN
tcltk-readimage-bo(40285)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-2215

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10098

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1323

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1131

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1122

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-1384

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-3545

Source: SUSE
Type: SUSE-SR:2008:008
SUSE Security Summary Advisory

Source: SUSE
Type: SUSE-SR:2008:013
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:* (Version <= 8.4.17)
  • OR cpe:/a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*
  • OR cpe:/a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20080553
    V
    		CVE-2008-0553
    2022-06-30
    oval:org.opensuse.security:def:113529
    P
    		tkimg-1.4-5.9 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106925
    P
    		tkimg-1.4-5.9 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:8363
    P
    		DSA-1598 libtk-img -- buffer overflow
    2015-02-23
    oval:org.mitre.oval:def:17105
    P
    		USN-664-1 -- tk8.0, tk8.3, tk8.4 vulnerability
    2014-07-21
    oval:org.mitre.oval:def:7812
    P
    		DSA-1491 tk8.4 -- buffer overflow
    2014-06-23
    oval:org.mitre.oval:def:18578
    P
    		DSA-1491-1 tk8.4 - arbitrary code execution
    2014-06-23
    oval:org.mitre.oval:def:18666
    P
    		DSA-1598-1 libtk-img - arbitrary code execution
    2014-06-23
    oval:org.mitre.oval:def:20168
    P
    		DSA-1490-1 tk8.3 - arbitrary code execution
    2014-06-23
    oval:org.mitre.oval:def:7228
    P
    		DSA-1490 tk8.3 -- buffer overflow
    2014-06-23
    oval:org.mitre.oval:def:22566
    P
    		ELSA-2008:0136: tk security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:10098
    V
    		Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
    2013-04-29
    oval:org.debian:def:1598
    V
    		buffer overflow
    2008-06-19
    oval:com.redhat.rhsa:def:20080134
    P
    		RHSA-2008:0134: tcltk security update (Moderate)
    2008-03-20
    oval:com.redhat.rhsa:def:20080135
    P
    		RHSA-2008:0135: tk security update (Moderate)
    2008-02-22
    oval:com.redhat.rhsa:def:20080136
    P
    		RHSA-2008:0136: tk security update (Moderate)
    2008-02-21
    oval:org.debian:def:1491
    V
    		buffer overflow
    2008-02-10
    oval:org.debian:def:1490
    V
    		buffer overflow
    2008-02-10
    BACK
    tcl_tk tcl tk 2.1
    tcl_tk tcl tk 3.3
    tcl_tk tcl tk 4.0p1
    tcl_tk tcl tk 6.1
    tcl_tk tcl tk 6.1p1
    tcl_tk tcl tk 6.2
    tcl_tk tcl tk 6.4
    tcl_tk tcl tk 6.5
    tcl_tk tcl tk 6.6
    tcl_tk tcl tk 6.7
    tcl_tk tcl tk 7.0
    tcl_tk tcl tk 7.1
    tcl_tk tcl tk 7.3
    tcl_tk tcl tk 7.4
    tcl_tk tcl tk 7.5
    tcl_tk tcl tk 7.5p1
    tcl_tk tcl tk 7.6
    tcl_tk tcl tk 7.6p2
    tcl_tk tcl tk 8.0
    tcl_tk tcl tk 8.0.3
    tcl_tk tcl tk 8.0.4
    tcl_tk tcl tk 8.0.5
    tcl_tk tcl tk 8.0p2
    tcl_tk tcl tk 8.1
    tcl_tk tcl tk 8.1.1
    tcl_tk tcl tk 8.2.0
    tcl_tk tcl tk 8.2.1
    tcl_tk tcl tk 8.2.2
    tcl_tk tcl tk 8.2.3
    tcl_tk tcl tk 8.3.0
    tcl_tk tcl tk 8.3.1
    tcl_tk tcl tk 8.3.2
    tcl_tk tcl tk 8.3.3
    tcl_tk tcl tk 8.3.4
    tcl_tk tcl tk 8.3.5
    tcl_tk tcl tk 8.4.0
    tcl_tk tcl tk 8.4.1
    tcl_tk tcl tk 8.4.2
    tcl_tk tcl tk 8.4.3
    tcl_tk tcl tk 8.4.4
    tcl_tk tcl tk 8.4.5
    tcl_tk tcl tk 8.4.6
    tcl_tk tcl tk 8.4.7
    tcl_tk tcl tk 8.4.8
    tcl_tk tcl tk 8.4.9
    tcl_tk tcl tk 8.4.10
    tcl_tk tcl tk 8.4.11
    tcl_tk tcl tk 8.4.12
    tcl_tk tcl tk 8.4.13
    tcl_tk tcl tk 8.4.14
    tcl_tk tcl tk 8.4.15
    tcl_tk tcl tk 8.4.16
    tcl_tk tcl tk *
    tcl_tk tcl tk 8.4a2
    tcl_tk tcl tk 8.4a3
    tcl_tk tcl tk 8.4a4
    tcl_tk tcl tk 8.4b1
    tcl_tk tcl tk 8.4b2
    tcl_tk tcl tk 8.5.0
    tcl_tk tcl tk 8.5_a3
    tcl_tk tcl tk 8.5a1
    tcl_tk tcl tk 8.5a2
    tcl_tk tcl tk 8.5a3
    tcl_tk tcl tk 8.5a4
    tcl_tk tcl tk 8.5a5
    tcl_tk tcl tk 8.5a6
    tcl_tk tcl tk 8.5b1
    tcl_tk tcl tk 8.5b2
    tcl_tk tcl tk 8.5b3