CVE-2007-5137
EPSS 8.0%libtk-img - arbitrary code execution
發布日:2007/9/28修改日:2026/4/28
也稱為:DEBIAN-CVE-2007-5137
描述
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
受影響套件(2)
- Debian/libtk-imgfrom 0, < 1.3-release-8
- Debian/libtk-imgfrom 0, < 1:1.3-15etch3