// For flags

CVE-2008-0553

tk: GIF handling buffer overflow

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.

Un desbordamiento de búfer en la región stack de la memoria en la función ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar código arbitrario por medio de una imagen GIF diseñada, un problema similar a CVE-2006-4484.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-02-01 CVE Reserved
  • 2008-02-07 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-03 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (45)
URL Tag Source
http://secunia.com/advisories/32608 Third Party Advisory
http://securitytracker.com/id?1019309 Vdb Entry
http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894 X_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2008-0054 X_refsource_confirm
http://www.securityfocus.com/archive/1/488069/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/493080/100/0/threaded Mailing List
http://www.vmware.com/security/advisories/VMSA-2008-0009.html X_refsource_confirm
https://issues.rpath.com/browse/RPL-2215 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098 Signature
URL Date SRC
URL Date SRC
http://secunia.com/advisories/28784 2018-10-15
http://www.securityfocus.com/bid/27655 2018-10-15
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html 2018-10-15
http://secunia.com/advisories/28807 2018-10-15
http://secunia.com/advisories/28848 2018-10-15
http://secunia.com/advisories/28857 2018-10-15
http://secunia.com/advisories/28867 2018-10-15
http://secunia.com/advisories/28954 2018-10-15
http://secunia.com/advisories/29069 2018-10-15
http://secunia.com/advisories/29070 2018-10-15
http://secunia.com/advisories/29622 2018-10-15
http://secunia.com/advisories/30129 2018-10-15
http://secunia.com/advisories/30188 2018-10-15
http://secunia.com/advisories/30535 2018-10-15
http://secunia.com/advisories/30717 2018-10-15
http://secunia.com/advisories/30783 2018-10-15
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1 2018-10-15
http://ubuntu.com/usn/usn-664-1 2018-10-15
http://www.debian.org/security/2008/dsa-1490 2018-10-15
http://www.debian.org/security/2008/dsa-1491 2018-10-15
http://www.debian.org/security/2008/dsa-1598 2018-10-15
http://www.mandriva.com/security/advisories?name=MDVSA-2008:041 2018-10-15
http://www.novell.com/linux/security/advisories/2008_13_sr.html 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0134.html 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0135.html 2018-10-15
http://www.redhat.com/support/errata/RHSA-2008-0136.html 2018-10-15
http://www.vupen.com/english/advisories/2008/0430 2018-10-15
http://www.vupen.com/english/advisories/2008/1456/references 2018-10-15
http://www.vupen.com/english/advisories/2008/1744 2018-10-15
https://bugzilla.redhat.com/show_bug.cgi?id=431518 2008-02-21
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html 2018-10-15
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html 2018-10-15
https://access.redhat.com/security/cve/CVE-2008-0553 2008-02-21
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 <= 8.4.17
Search vendor "Tcl Tk" for product "Tcl Tk" and version " <= 8.4.17"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 2.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "2.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 3.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "3.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 4.0p1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "4.0p1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.1p1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.1p1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.6
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.6"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 6.7
Search vendor "Tcl Tk" for product "Tcl Tk" and version "6.7"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.5p1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.5p1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.6
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.6"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 7.6p2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "7.6p2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.0.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.0.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.0.4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.0.4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.0.5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.0.5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.0p2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.0p2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.1.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.1.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.2.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.2.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.2.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.2.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.2.2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.2.2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.2.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.2.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.3.5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.3.5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.6
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.6"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.7
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.7"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.8
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.8"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.9
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.9"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.10
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.10"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.11
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.11"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.12
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.12"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.13
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.13"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.14
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.14"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.15
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.15"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4.16
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4.16"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4a2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4a2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4a3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4a3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4a4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4a4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4b1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4b1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.4b2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.4b2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5.0
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5.0"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5_a3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5_a3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a3"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a4
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a4"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a5
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a5"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5a6
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5a6"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5b1
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5b1"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5b2
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5b2"
-
Affected
Tcl Tk
Search vendor "Tcl Tk"
 Tcl Tk
Search vendor "Tcl Tk" for product "Tcl Tk"
 8.5b3
Search vendor "Tcl Tk" for product "Tcl Tk" and version "8.5b3"
-
Affected