[VIM] clarification on multiple Tk overflow issues
nikns at secure.lv
Fri Oct 12 08:27:59 UTC 2007
On Thu, Oct 11, 2007 at 08:27:09PM -0400, Steven M. Christey wrote:
>CVE-2007-5378 - 8.4.12 and earlier
>CVE-2007-5137 - only affects 8.4.13 through 8.4.15; this was an
>incorrect or incomplete patch for CVE-2007-5378.
Why does http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378 is inaccessible?
>Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl
>(Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute
>arbitrary code via multi-frame interlaced GIF files in which later
>frames are smaller than the first. NOTE: this issue is due to an
>incorrect patch for CVE-2007-5378.
>Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk
>Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows
>user-assisted attackers to cause a denial of service (segmentation
>fault) via an animated GIF in which the first subimage is smaller than
>a subsequent subimage, which triggers the overflow in the ReadImage
>function, a different vulnerability than CVE-2007-5137.
More information about the VIM