CVE-2007-5378 — Vulnetix

CVE-2007-5378 PUBLISHED

Reported by canonical · Published October 12, 2007

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Timeline

Oct 12, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 17, 2023 EPSS Score
Sep 8, 2023 EPSS Score

References

30129 third-party-advisoryx_refsource_SECUNIA
RHSA-2008:0134 vendor-advisoryx_refsource_REDHAT
ADV-2008-1744 vdb-entryx_refsource_VUPEN
34297 third-party-advisoryx_refsource_SECUNIA
ADV-2008-1456 vdb-entryx_refsource_VUPEN
26056 vdb-entryx_refsource_BID
27806 third-party-advisoryx_refsource_SECUNIA
27801 third-party-advisoryx_refsource_SECUNIA
tktoolkit-filereadgif-dos(37189) vdb-entryx_refsource_XF
x_refsource_CONFIRM
oval:org.mitre.oval:def:9480 vdb-entrysignaturex_refsource_OVAL
x_refsource_CONFIRM
237465 vendor-advisoryx_refsource_SUNALERT
MDKSA-2007:200 vendor-advisoryx_refsource_MANDRIVA
DSA-1415 vendor-advisoryx_refsource_DEBIAN
30535 third-party-advisoryx_refsource_SECUNIA
DSA-1743 vendor-advisoryx_refsource_DEBIAN
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-listx_refsource_BUGTRAQ
27295 third-party-advisoryx_refsource_SECUNIA
29070 third-party-advisoryx_refsource_SECUNIA

…and 5 more

Open in Interactive Console →