CVE-2007-5137

Publication date 28 September 2007

Last updated 24 July 2024


Ubuntu priority

Description

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.

Read the notes from the security team

Status

Package Ubuntu Release Status
libtk-img 11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Fixed 1:1.3-release-7+lenny1build0.8.10.1
8.04 LTS hardy Ignored end of life
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life
tk8.3 11.10 oneiric Not in release
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.04 feisty
Fixed 8.3.5-6ubuntu2.1
6.10 edgy
Fixed 8.3.5-6ubuntu1.1
6.06 LTS dapper
Fixed 8.3.5-4ubuntu1.1
tk8.4 11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.04 feisty
Fixed 8.4.14-0ubuntu2.1
6.10 edgy
Fixed 8.4.12-1ubuntu0.1
6.06 LTS dapper
Fixed 8.4.12-0ubuntu1.1

Notes


jdstrand

CVE only affects feisty and gutsy tk8.4. These releases have a fix for tcl/tk bug #1458234, which either introduced or unmasked the issue in this CVE (investigate). Bug #1458234 is a memory corruption crasher as well, and though it doesn't have a CVE, it should be fixed. tk8.3 is affected by #1458234 in all releases, so when fixing it, be sure to fix the CVE as well. tk8.4 in dapper and edgy need both fixes too.

References

Related Ubuntu Security Notices (USN)

Other references