CVE-2008-0553

{"id": "CVE-2008-0553", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-02-07T21:00:00.000", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28784", "tags": ["Vendor Advisory", "Patch"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28807", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28848", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28857", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28867", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28954", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/29069", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/29070", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/29622", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30129", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30188", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30535", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30717", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/30783", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32608", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1019309", "source": "secalert@redhat.com"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894", "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1", "source": "secalert@redhat.com"}, {"url": "http://ubuntu.com/usn/usn-664-1", "source": "secalert@redhat.com"}, {"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1490", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1491", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1598", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041", "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/27655", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/0430", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1456/references", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1744", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-2215", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF dise\u00f1ada, un problema similar a CVE-2006-4484."}], "lastModified": "2018-10-15T22:01:08.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DF6AAA4-A3BD-4436-B5A5-070AC79F260D", "versionEndIncluding": "8.4.17"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F06FEF3-A290-4256-ADB7-BC6E59A57852"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F451113-3A1C-455C-A328-149121C8C204"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13A85D7C-DF70-4AF6-94F0-881D35082E48"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E131184A-BD9E-41CF-B3D0-AB9E87834C25"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "546DC29B-2A50-420A-AECD-EF526363AF2E"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25B5AC3C-9F3E-499F-9EA7-5A0F9A889934"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9819E03A-8A9E-4483-BBEB-4B3708798960"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57D7BBC1-70C7-4509-B9A7-4B08615B1BBF"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CCF8D59-9712-4C55-A680-7DD7C17EE8C6"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF4B0EEA-735E-4BB6-96E4-133F293A7295"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2545F45-2F35-442B-84BA-DC7649E55672"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77D4364D-9BB0-47A2-BFA6-37C369C3E6B8"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A799BDBF-A56B-4125-A385-5FF87A0B069A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "509225EF-4423-45AE-AC86-5CF7188DF7B1"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B924063-CD33-44ED-BBB6-42FC6A12BD8A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C9F9F96-DE6F-4B77-8715-360543E95E19"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F297D4B0-40DE-4728-B840-584441AB809B"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65C60D84-229A-43CA-8481-5634A3CFBF1E"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05182123-3F45-4936-A7F1-5B1328C81C13"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9583698-C566-40DF-912F-325454C74F85"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92E514C1-574A-41B3-84AB-50014CDAEE40"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A3CFE21-4641-4982-9791-ABD3FE1311BF"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5FFF507-18EE-4C64-BB86-48C97D7C9CD6"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64F535C-A346-456F-AD99-8B135121390C"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49767838-28BB-4B95-B70C-CD945B3E6559"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1734A66C-D961-4740-82F4-F93B6D502C8B"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78F9AD15-E604-4048-97C2-480AF00BE3C1"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C10E232-F532-4F2E-9DA7-44C10719CAC2"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A9E15B7-5018-4941-8DC9-A6FC84262F31"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4793F51C-293F-4A56-8789-B04FE3CBA958"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "270A67C9-96BC-4B36-8B66-2EFFB7708C6C"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "955AA2E1-9B15-431C-8A24-DC2A06E24715"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03F55BFF-E9E1-4C97-A0DB-5F905406C55E"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8536661B-E5A9-4D08-BC0E-0770A37E0545"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "574D7E14-49CE-478F-BD12-804F13146E2F"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5165B956-F82A-4500-8B04-ADA0A100C4EB"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CB2CB3-BBC6-4F69-BDEB-53377444BD61"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56710692-2D3A-4FB1-A3FD-8875946B7130"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "219B6B61-C2CE-418B-81A0-C9CEE6B9474A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18EA39DD-B688-420B-A0EC-CE6F99DE2BE3"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6103F8D2-277F-4ECF-B72C-90E97896758B"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85C5C1CF-6DAF-4521-AFE9-606A5436C40A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B70C2629-E2C1-422D-BDFA-1E0495A5ED4C"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89651A15-A000-42A8-9268-4014BF34410A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4B54926-8A20-4743-9F9B-D255A84FE6FC"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39901A5E-7CB4-42C8-90A1-25487BA0FC4D"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA3ECB75-5962-4362-98CF-CC31F72ED021"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0689AA7-2B44-4202-B782-E47612115700"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC2BA9A0-AE55-4F30-B27D-E48F2371F29F"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC8A3AA4-2236-40BA-99BB-A215B69230A5"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D892065-8B50-48FE-8716-09F351104FAC"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA27B876-A7F8-4805-B653-21D31D06CFB1"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2872DCD-CD4E-4341-BE3F-0CED3F06B934"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "514AD04E-39AE-49FB-AB26-B425F1D5B34D"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FE837C2-2C20-4F8B-A92C-0F5D97974522"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA678572-F6AE-4CC3-AE58-D420D695A297"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8D643E2-5344-4B34-AD4B-20B4870E40F9"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41FEC657-2316-45B6-B9DC-1F87C9A74CB9"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15"}, {"criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D387207-B013-4D8A-82C4-F4B6FB004E09"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}