CVSS: 9.8EPSS: 9%CPEs: 69EXPL: 0CVE-2008-0553 – tk: GIF handling buffer overflow
https://notcve.org/view.php?id=CVE-2008-0553
07 Feb 2008 — Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484. Un desbordamiento de búfer en la región stack de la memoria en la función ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar código arbitrario por medio de una imagen GIF diseñada, un problema similar a CVE-2006-4484. This GLSA contains ... • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 57EXPL: 0CVE-2007-4769 – postgresql integer overflow in regex code
https://notcve.org/view.php?id=CVE-2007-4769
09 Jan 2008 — The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number. El analizador de expresiones regulares en TCL versiones anteriores a 8.4.17, como es usado en PostgreSQL versiones 8.2 anteriores a 8.2.6,versiones 8.1 anteriores a 8.1.11, versiones 8.0 anteriores a 8.0.15 y versiones 7.4 anteriores a 7.4.19,... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 1%CPEs: 57EXPL: 1CVE-2007-6067 – postgresql: tempory DoS caused by slow regex NFA cleanup
https://notcve.org/view.php?id=CVE-2007-6067
09 Jan 2008 — Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states. Vulnerabilidad de complejidad algorítmica en el analizador de la expresión regular en TCL en versiones anteriores a 8.4.17, tal como se utiliza en PostgreSQL 8.2 en ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5378 – Tk GIF processing buffer overflow
https://notcve.org/view.php?id=CVE-2007-5378
12 Oct 2007 — Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137. Desbordamiento de búfer en la función FileReadGIF de tkImgGIF.c para Tk Toolkit 8.4.12 y anteriores, y 8.3.5 y anteriores, perm... • http://secunia.com/advisories/27207 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 3EXPL: 0CVE-2007-5137 – Tk GIF processing buffer overflow
https://notcve.org/view.php?id=CVE-2007-5137
28 Sep 2007 — Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378. Un desbordamiento de búfer en la función ReadImage en el archivo generic/tkImgGIF.c en Tcl (Tcl/Tk) versiones 8.4.13 hasta 8.4.15, permite a atacantes remotos ejecutar código arbitrario por medio de archivos ... • http://bugs.gentoo.org/show_bug.cgi?id=192539 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2877
https://notcve.org/view.php?id=CVE-2007-2877
29 May 2007 — Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths. Desbordamiento de búfer en tcl/win/tclWinReg.c en Tcl (Tcl/Tk) anterior a 8.5a6 permite a usuarios locales obtener privilegios mediante rutas de clave de registro largas. • http://osvdb.org/36528 •