Launchpad.net

CVE 2007-5378

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

Related bugs and status

CVE-2007-5378 (Candidate) is related to these bugs:

Bug #151007: tk8.3 buffer overrun

Summary				In	Importance	Status
	151007	tk8.3 buffer overrun		tk8.3 (Ubuntu)	Undecided	Fix Released

Bug #151008: tk8.4 buffer overrun

Summary				In	Importance	Status
	151008	tk8.4 buffer overrun		tk8.4 (Ubuntu)	Undecided	Fix Released

Bug #172519: [tk8.4] [tk8.3] buffer overflow

Summary				In	Importance	Status
	172519	[tk8.4] [tk8.3] buffer overflow		tk8.4 (Ubuntu)	Undecided	Fix Released
	172519	[tk8.4] [tk8.3] buffer overflow		tk8.3 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

UBUNTU: USN-529-1
SECUNIA: 27207
BID: 26056
MANDRIVA: MDKSA-2007:200
SECUNIA: 27295
VIM: 20071012 clarification...
DEBIAN: DSA-1415
DEBIAN: DSA-1416
SECUNIA: 27801
SECUNIA: 27806
REDHAT: RHSA-2008:0135
REDHAT: RHSA-2008:0134
SECUNIA: 29070
SUNALERT: 237465
SECUNIA: 30129
CONFIRM: http://www.vmware.com/...
SECUNIA: 30535
DEBIAN: DSA-1743
SECUNIA: 34297
VUPEN: ADV-2008-1456
VUPEN: ADV-2008-1744
CONFIRM: https://sourceforge.ne...
XF: tktoolkit-filereadgif-...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080604 VMSA-2008-000...