DSA-1743-1 libtk-img -- buffer overflowsID: oval:org.secpod.oval:def:600478 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
Two buffer overflows have been found in the GIF image parsing code of Tk, a cross-platform graphical toolkit, which could lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5137 It was discovered that libtk-img is prone to a buffer overflow via specially crafted multi-frame interlaced GIF files. CVE-2007-5378 It was discovered that libtk-img is prone to a buffer overflow via specially crafted GIF files with certain subimage sizes. For the stable distribution , these problems have been fixed in version 1.3-release-7+lenny1. For the oldstable distribution , these problems have been fixed in version 1.3-15etch3. For the testing distribution and the unstable distribution , these problems have been fixed in version 1.3-release-8. We recommend that you upgrade your libtk-img packages.
Platform: |
Debian 5.0 |
Debian 4.0 |