{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-06T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "30129", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30129"}, {"name": "28784", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28784"}, {"name": "RHSA-2008:0134", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"}, {"name": "DSA-1598", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1598"}, {"name": "20080212 rPSA-2008-0054-1 tk", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"}, {"name": "ADV-2008-1744", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1744"}, {"name": "29622", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29622"}, {"name": "27655", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27655"}, {"name": "SUSE-SR:2008:008", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"}, {"name": "USN-664-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://ubuntu.com/usn/usn-664-1"}, {"name": "ADV-2008-1456", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1456/references"}, {"name": "28857", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28857"}, {"name": "30783", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30783"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2215"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"}, {"name": "oval:org.mitre.oval:def:10098", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"}, {"name": "DSA-1490", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1490"}, {"name": "237465", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"}, {"name": "RHSA-2008:0136", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"}, {"name": "ADV-2008-0430", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0430"}, {"name": "28954", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28954"}, {"name": "30535", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30535"}, {"name": "30188", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30188"}, {"name": "FEDORA-2008-1131", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894"}, {"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"}, {"name": "FEDORA-2008-1384", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"}, {"name": "FEDORA-2008-1122", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"}, {"name": "32608", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32608"}, {"name": "29070", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29070"}, {"name": "FEDORA-2008-3545", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"}, {"name": "28848", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28848"}, {"name": "RHSA-2008:0135", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"}, {"name": "29069", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29069"}, {"name": "FEDORA-2008-1323", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"}, {"name": "28867", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28867"}, {"name": "1019309", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019309"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"}, {"name": "MDVSA-2008:041", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"}, {"name": "DSA-1491", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1491"}, {"name": "28807", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28807"}, {"name": "SUSE-SR:2008:013", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"}, {"name": "30717", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30717"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-0553", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30129", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30129"}, {"name": "28784", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28784"}, {"name": "RHSA-2008:0134", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"}, {"name": "DSA-1598", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1598"}, {"name": "20080212 rPSA-2008-0054-1 tk", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"}, {"name": "ADV-2008-1744", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1744"}, {"name": "29622", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29622"}, {"name": "27655", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27655"}, {"name": "SUSE-SR:2008:008", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"}, {"name": "USN-664-1", "refsource": "UBUNTU", "url": "http://ubuntu.com/usn/usn-664-1"}, {"name": "ADV-2008-1456", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1456/references"}, {"name": "28857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28857"}, {"name": "30783", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30783"}, {"name": "https://issues.rpath.com/browse/RPL-2215", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2215"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"}, {"name": "oval:org.mitre.oval:def:10098", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"}, {"name": "DSA-1490", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1490"}, {"name": "237465", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"}, {"name": "RHSA-2008:0136", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=431518", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"}, {"name": "ADV-2008-0430", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0430"}, {"name": "28954", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28954"}, {"name": "30535", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30535"}, {"name": "30188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30188"}, {"name": "FEDORA-2008-1131", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894"}, {"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"}, {"name": "FEDORA-2008-1384", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"}, {"name": "FEDORA-2008-1122", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"}, {"name": "32608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32608"}, {"name": "29070", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29070"}, {"name": "FEDORA-2008-3545", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"}, {"name": "28848", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28848"}, {"name": "RHSA-2008:0135", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"}, {"name": "29069", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29069"}, {"name": "FEDORA-2008-1323", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"}, {"name": "28867", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28867"}, {"name": "1019309", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019309"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0054", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"}, {"name": "MDVSA-2008:041", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"}, {"name": "DSA-1491", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1491"}, {"name": "28807", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28807"}, {"name": "SUSE-SR:2008:013", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"}, {"name": "30717", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30717"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-0553", "datePublished": "2008-02-07T20:00:00", "dateReserved": "2008-02-01T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DF6AAA4-A3BD-4436-B5A5-070AC79F260D", "versionEndIncluding": "8.4.17", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F06FEF3-A290-4256-ADB7-BC6E59A57852", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8F451113-3A1C-455C-A328-149121C8C204", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*", "matchCriteriaId": "13A85D7C-DF70-4AF6-94F0-881D35082E48", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E131184A-BD9E-41CF-B3D0-AB9E87834C25", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*", "matchCriteriaId": "546DC29B-2A50-420A-AECD-EF526363AF2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "25B5AC3C-9F3E-499F-9EA7-5A0F9A889934", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "9819E03A-8A9E-4483-BBEB-4B3708798960", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "57D7BBC1-70C7-4509-B9A7-4B08615B1BBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "8CCF8D59-9712-4C55-A680-7DD7C17EE8C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "EF4B0EEA-735E-4BB6-96E4-133F293A7295", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2545F45-2F35-442B-84BA-DC7649E55672", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "77D4364D-9BB0-47A2-BFA6-37C369C3E6B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A799BDBF-A56B-4125-A385-5FF87A0B069A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "509225EF-4423-45AE-AC86-5CF7188DF7B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*", "matchCriteriaId": "7B924063-CD33-44ED-BBB6-42FC6A12BD8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "0C9F9F96-DE6F-4B77-8715-360543E95E19", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*", "matchCriteriaId": "F297D4B0-40DE-4728-B840-584441AB809B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "65C60D84-229A-43CA-8481-5634A3CFBF1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "05182123-3F45-4936-A7F1-5B1328C81C13", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F9583698-C566-40DF-912F-325454C74F85", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "92E514C1-574A-41B3-84AB-50014CDAEE40", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*", "matchCriteriaId": "A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "6A3CFE21-4641-4982-9791-ABD3FE1311BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F5FFF507-18EE-4C64-BB86-48C97D7C9CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C64F535C-A346-456F-AD99-8B135121390C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "49767838-28BB-4B95-B70C-CD945B3E6559", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1734A66C-D961-4740-82F4-F93B6D502C8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F9AD15-E604-4048-97C2-480AF00BE3C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C10E232-F532-4F2E-9DA7-44C10719CAC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7A9E15B7-5018-4941-8DC9-A6FC84262F31", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "4793F51C-293F-4A56-8789-B04FE3CBA958", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "270A67C9-96BC-4B36-8B66-2EFFB7708C6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "955AA2E1-9B15-431C-8A24-DC2A06E24715", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "03F55BFF-E9E1-4C97-A0DB-5F905406C55E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "8536661B-E5A9-4D08-BC0E-0770A37E0545", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "574D7E14-49CE-478F-BD12-804F13146E2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5165B956-F82A-4500-8B04-ADA0A100C4EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "37CB2CB3-BBC6-4F69-BDEB-53377444BD61", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "56710692-2D3A-4FB1-A3FD-8875946B7130", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "219B6B61-C2CE-418B-81A0-C9CEE6B9474A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "18EA39DD-B688-420B-A0EC-CE6F99DE2BE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "6103F8D2-277F-4ECF-B72C-90E97896758B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "85C5C1CF-6DAF-4521-AFE9-606A5436C40A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "B70C2629-E2C1-422D-BDFA-1E0495A5ED4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "89651A15-A000-42A8-9268-4014BF34410A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "A4B54926-8A20-4743-9F9B-D255A84FE6FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "39901A5E-7CB4-42C8-90A1-25487BA0FC4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "DA3ECB75-5962-4362-98CF-CC31F72ED021", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*", "matchCriteriaId": "E0689AA7-2B44-4202-B782-E47612115700", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2BA9A0-AE55-4F30-B27D-E48F2371F29F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*", "matchCriteriaId": "EC8A3AA4-2236-40BA-99BB-A215B69230A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*", "matchCriteriaId": "2D892065-8B50-48FE-8716-09F351104FAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*", "matchCriteriaId": "0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*", "matchCriteriaId": "DA27B876-A7F8-4805-B653-21D31D06CFB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*", "matchCriteriaId": "E2872DCD-CD4E-4341-BE3F-0CED3F06B934", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*", "matchCriteriaId": "6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*", "matchCriteriaId": "514AD04E-39AE-49FB-AB26-B425F1D5B34D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*", "matchCriteriaId": "7FE837C2-2C20-4F8B-A92C-0F5D97974522", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*", "matchCriteriaId": "DA678572-F6AE-4CC3-AE58-D420D695A297", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*", "matchCriteriaId": "C8D643E2-5344-4B34-AD4B-20B4870E40F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*", "matchCriteriaId": "41FEC657-2316-45B6-B9DC-1F87C9A74CB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*", "matchCriteriaId": "DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15", "vulnerable": true}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*", "matchCriteriaId": "7D387207-B013-4D8A-82C4-F4B6FB004E09", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF dise\u00f1ada, un problema similar a CVE-2006-4484."}], "id": "CVE-2008-0553", "lastModified": "2018-10-15T22:01:08.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-02-07T21:00:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory", "Patch"], "url": "http://secunia.com/advisories/28784"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28807"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28848"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28857"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28867"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28954"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29069"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29070"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29622"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30129"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30188"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30535"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30717"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30783"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32608"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1019309"}, {"source": "secalert@redhat.com", "url": "http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894"}, {"source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"}, {"source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-664-1"}, {"source": "secalert@redhat.com", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1490"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1491"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1598"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"}, {"source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/27655"}, {"source": "secalert@redhat.com", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0430"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1456/references"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1744"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2215"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}