
Test ID: 1.3.6.1.4.1.25623.1.0.59817
Category: Fedora Local Security Checks
Title: Fedora Core 7 FEDORA-2007-2564 (tk)
Summary: NOSUMMARY
Description:

The remote host is missing an update to tk
announced via advisory FEDORA-2007-2564.

When paired with the Tcl scripting language, Tk provides a fast and powerful
way to create cross-platform GUI applications.

Update Information:

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) before 8.4.16 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first.
ChangeLog:

* Mon Oct 15 2007 Marcela Maslanova - 1:8.4.13-6
- CVE-2007-5137 gif buffer overflow
References:

[ 1 ] CVE-2007-5137
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5137
Updated packages:


This update can be installed with the yum update program. Use
su -c 'yum update tk'
at the command line. For more information, refer to Managing Software
with yum, available at http://docs.fedoraproject.org/yum/.

Solution: Apply the appropriate updates.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2564

Risk factor : High

CVSS Score: 6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5137
BugTraq ID: 25826
http://www.securityfocus.com/bid/25826
Debian Security Information: DSA-1743
http://www.debian.org/security/2009/dsa-1743
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html
http://security.gentoo.org/glsa/glsa-200710-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:200
http://bugs.gentoo.org/show_bug.cgi?id=192539
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540
http://www.redhat.com/support/errata/RHSA-2008-0136.html
http://secunia.com/advisories/26942
http://secunia.com/advisories/27086
http://secunia.com/advisories/27182
http://secunia.com/advisories/27207
http://secunia.com/advisories/27229
http://secunia.com/advisories/27295
http://secunia.com/advisories/29069
http://secunia.com/advisories/34297
SuSE Security Announcement: SUSE-SR:2007:020
http://www.novell.com/linux/security/advisories/2007_20_sr.html
http://www.ubuntu.com/usn/usn-529-1
http://www.attrition.org/pipermail/vim/2007-October/001826.html
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
