CVE-2007-5137
PUBLISHED
Reported by mitre · Published September 28, 2007
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Sep 28, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 34297 (third-party-advisory, x_refsource_SECUNIA)
- oval:org.mitre.oval:def:9540 (vdb-entry, signature, x_refsource_OVAL)
- FEDORA-2007-2564 (vendor-advisory, x_refsource_FEDORA)
- x_refsource_MISC
- 26942 (third-party-advisory, x_refsource_SECUNIA)
- 27086 (third-party-advisory, x_refsource_SECUNIA)
- RHSA-2008:0136 (vendor-advisory, x_refsource_REDHAT)
- MDKSA-2007:200 (vendor-advisory, x_refsource_MANDRIVA)
- DSA-1743 (vendor-advisory, x_refsource_DEBIAN)
- GLSA-200710-07 (vendor-advisory, x_refsource_GENTOO)
- 27295 (third-party-advisory, x_refsource_SECUNIA)
- x_refsource_CONFIRM
- 27229 (third-party-advisory, x_refsource_SECUNIA)
- USN-529-1 (vendor-advisory, x_refsource_UBUNTU)
- 27182 (third-party-advisory, x_refsource_SECUNIA)
- 20071012 clarification on multiple Tk overflow issues (mailing-list, x_refsource_VIM)
- 29069 (third-party-advisory, x_refsource_SECUNIA)
- 27207 (third-party-advisory, x_refsource_SECUNIA)
- SUSE-SR:2007:020 (vendor-advisory, x_refsource_SUSE)
- 25826 (vdb-entry, x_refsource_BID)