CVE-2007-5378

描述

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

受影響套件(3)

• Debian/libtk-imgfrom 0, < 1.3-release-8
• Debian/tk8.3from 0, < 8.3.5-6etch1
• Debian/tk8.4from 0, < 8.4.12-1etch1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-5378