CVE-2008-0553 (GCVE-0-2008-0553)
Vulnerability from cvelistv5 – Published: 2008-02-07 20:00 – Updated: 2024-08-07 07:46
VLAI
Summary
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
44 references
Date Public
2008-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30129"
},
{
"name": "28784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28784"
},
{
"name": "RHSA-2008:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
},
{
"name": "DSA-1598",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1598"
},
{
"name": "20080212 rPSA-2008-0054-1 tk",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "29622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29622"
},
{
"name": "27655",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27655"
},
{
"name": "SUSE-SR:2008:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
},
{
"name": "USN-664-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-664-1"
},
{
"name": "ADV-2008-1456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1456/references"
},
{
"name": "28857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28857"
},
{
"name": "30783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30783"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2215"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "oval:org.mitre.oval:def:10098",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"
},
{
"name": "DSA-1490",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1490"
},
{
"name": "237465",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"
},
{
"name": "RHSA-2008:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"
},
{
"name": "ADV-2008-0430",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0430"
},
{
"name": "28954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28954"
},
{
"name": "30535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30535"
},
{
"name": "30188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30188"
},
{
"name": "FEDORA-2008-1131",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "FEDORA-2008-1384",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"
},
{
"name": "FEDORA-2008-1122",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"
},
{
"name": "32608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32608"
},
{
"name": "29070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29070"
},
{
"name": "FEDORA-2008-3545",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"
},
{
"name": "28848",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28848"
},
{
"name": "RHSA-2008:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"
},
{
"name": "29069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29069"
},
{
"name": "FEDORA-2008-1323",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"
},
{
"name": "28867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28867"
},
{
"name": "1019309",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019309"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"
},
{
"name": "MDVSA-2008:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"
},
{
"name": "DSA-1491",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1491"
},
{
"name": "28807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28807"
},
{
"name": "SUSE-SR:2008:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
},
{
"name": "30717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "30129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30129"
},
{
"name": "28784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28784"
},
{
"name": "RHSA-2008:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
},
{
"name": "DSA-1598",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1598"
},
{
"name": "20080212 rPSA-2008-0054-1 tk",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "29622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29622"
},
{
"name": "27655",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27655"
},
{
"name": "SUSE-SR:2008:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
},
{
"name": "USN-664-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-664-1"
},
{
"name": "ADV-2008-1456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1456/references"
},
{
"name": "28857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28857"
},
{
"name": "30783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30783"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2215"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "oval:org.mitre.oval:def:10098",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"
},
{
"name": "DSA-1490",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1490"
},
{
"name": "237465",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"
},
{
"name": "RHSA-2008:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"
},
{
"name": "ADV-2008-0430",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0430"
},
{
"name": "28954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28954"
},
{
"name": "30535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30535"
},
{
"name": "30188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30188"
},
{
"name": "FEDORA-2008-1131",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "FEDORA-2008-1384",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"
},
{
"name": "FEDORA-2008-1122",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"
},
{
"name": "32608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32608"
},
{
"name": "29070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29070"
},
{
"name": "FEDORA-2008-3545",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"
},
{
"name": "28848",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28848"
},
{
"name": "RHSA-2008:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"
},
{
"name": "29069",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29069"
},
{
"name": "FEDORA-2008-1323",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"
},
{
"name": "28867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28867"
},
{
"name": "1019309",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019309"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"
},
{
"name": "MDVSA-2008:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"
},
{
"name": "DSA-1491",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1491"
},
{
"name": "28807",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28807"
},
{
"name": "SUSE-SR:2008:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
},
{
"name": "30717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30717"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-0553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30129"
},
{
"name": "28784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28784"
},
{
"name": "RHSA-2008:0134",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
},
{
"name": "DSA-1598",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1598"
},
{
"name": "20080212 rPSA-2008-0054-1 tk",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded"
},
{
"name": "ADV-2008-1744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "29622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29622"
},
{
"name": "27655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27655"
},
{
"name": "SUSE-SR:2008:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
},
{
"name": "USN-664-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-664-1"
},
{
"name": "ADV-2008-1456",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1456/references"
},
{
"name": "28857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28857"
},
{
"name": "30783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30783"
},
{
"name": "https://issues.rpath.com/browse/RPL-2215",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2215"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "oval:org.mitre.oval:def:10098",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098"
},
{
"name": "DSA-1490",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1490"
},
{
"name": "237465",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1"
},
{
"name": "RHSA-2008:0136",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=431518",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518"
},
{
"name": "ADV-2008-0430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0430"
},
{
"name": "28954",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28954"
},
{
"name": "30535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30535"
},
{
"name": "30188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30188"
},
{
"name": "FEDORA-2008-1131",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "FEDORA-2008-1384",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html"
},
{
"name": "FEDORA-2008-1122",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html"
},
{
"name": "32608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32608"
},
{
"name": "29070",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29070"
},
{
"name": "FEDORA-2008-3545",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html"
},
{
"name": "28848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28848"
},
{
"name": "RHSA-2008:0135",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html"
},
{
"name": "29069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29069"
},
{
"name": "FEDORA-2008-1323",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html"
},
{
"name": "28867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28867"
},
{
"name": "1019309",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019309"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0054",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054"
},
{
"name": "MDVSA-2008:041",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041"
},
{
"name": "DSA-1491",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1491"
},
{
"name": "28807",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28807"
},
{
"name": "SUSE-SR:2008:013",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
},
{
"name": "30717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30717"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-0553",
"datePublished": "2008-02-07T20:00:00.000Z",
"dateReserved": "2008-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:55.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2008-0553",
"date": "2026-05-28",
"epss": "0.06015",
"percentile": "0.90832"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.4.17\", \"matchCriteriaId\": \"4DF6AAA4-A3BD-4436-B5A5-070AC79F260D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F06FEF3-A290-4256-ADB7-BC6E59A57852\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F451113-3A1C-455C-A328-149121C8C204\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13A85D7C-DF70-4AF6-94F0-881D35082E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E131184A-BD9E-41CF-B3D0-AB9E87834C25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"546DC29B-2A50-420A-AECD-EF526363AF2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B5AC3C-9F3E-499F-9EA7-5A0F9A889934\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9819E03A-8A9E-4483-BBEB-4B3708798960\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57D7BBC1-70C7-4509-B9A7-4B08615B1BBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CCF8D59-9712-4C55-A680-7DD7C17EE8C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF4B0EEA-735E-4BB6-96E4-133F293A7295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2545F45-2F35-442B-84BA-DC7649E55672\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77D4364D-9BB0-47A2-BFA6-37C369C3E6B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A799BDBF-A56B-4125-A385-5FF87A0B069A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"509225EF-4423-45AE-AC86-5CF7188DF7B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B924063-CD33-44ED-BBB6-42FC6A12BD8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C9F9F96-DE6F-4B77-8715-360543E95E19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F297D4B0-40DE-4728-B840-584441AB809B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65C60D84-229A-43CA-8481-5634A3CFBF1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05182123-3F45-4936-A7F1-5B1328C81C13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9583698-C566-40DF-912F-325454C74F85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92E514C1-574A-41B3-84AB-50014CDAEE40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A3CFE21-4641-4982-9791-ABD3FE1311BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5FFF507-18EE-4C64-BB86-48C97D7C9CD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C64F535C-A346-456F-AD99-8B135121390C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49767838-28BB-4B95-B70C-CD945B3E6559\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1734A66C-D961-4740-82F4-F93B6D502C8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F9AD15-E604-4048-97C2-480AF00BE3C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C10E232-F532-4F2E-9DA7-44C10719CAC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A9E15B7-5018-4941-8DC9-A6FC84262F31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4793F51C-293F-4A56-8789-B04FE3CBA958\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"270A67C9-96BC-4B36-8B66-2EFFB7708C6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"955AA2E1-9B15-431C-8A24-DC2A06E24715\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03F55BFF-E9E1-4C97-A0DB-5F905406C55E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8536661B-E5A9-4D08-BC0E-0770A37E0545\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"574D7E14-49CE-478F-BD12-804F13146E2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5165B956-F82A-4500-8B04-ADA0A100C4EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37CB2CB3-BBC6-4F69-BDEB-53377444BD61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56710692-2D3A-4FB1-A3FD-8875946B7130\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"219B6B61-C2CE-418B-81A0-C9CEE6B9474A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18EA39DD-B688-420B-A0EC-CE6F99DE2BE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6103F8D2-277F-4ECF-B72C-90E97896758B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85C5C1CF-6DAF-4521-AFE9-606A5436C40A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B70C2629-E2C1-422D-BDFA-1E0495A5ED4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89651A15-A000-42A8-9268-4014BF34410A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4B54926-8A20-4743-9F9B-D255A84FE6FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39901A5E-7CB4-42C8-90A1-25487BA0FC4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA3ECB75-5962-4362-98CF-CC31F72ED021\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0689AA7-2B44-4202-B782-E47612115700\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC2BA9A0-AE55-4F30-B27D-E48F2371F29F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC8A3AA4-2236-40BA-99BB-A215B69230A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D892065-8B50-48FE-8716-09F351104FAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA27B876-A7F8-4805-B653-21D31D06CFB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2872DCD-CD4E-4341-BE3F-0CED3F06B934\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"514AD04E-39AE-49FB-AB26-B425F1D5B34D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FE837C2-2C20-4F8B-A92C-0F5D97974522\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA678572-F6AE-4CC3-AE58-D420D695A297\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8D643E2-5344-4B34-AD4B-20B4870E40F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41FEC657-2316-45B6-B9DC-1F87C9A74CB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D387207-B013-4D8A-82C4-F4B6FB004E09\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento de b\\u00fafer en la regi\\u00f3n stack de la memoria en la funci\\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de una imagen GIF dise\\u00f1ada, un problema similar a CVE-2006-4484.\"}]",
"id": "CVE-2008-0553",
"lastModified": "2024-11-21T00:42:22.263",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2008-02-07T21:00:00.000",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/28784\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28807\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28848\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28857\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28867\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28954\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29069\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29070\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29622\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30129\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30188\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30535\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30717\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30783\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32608\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1019309\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://ubuntu.com/usn/usn-664-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2008-0054\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1490\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1491\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1598\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:041\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2008_13_sr.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0134.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0135.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0136.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/488069/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/493080/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/27655\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0009.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0430\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1456/references\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1744\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=431518\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2215\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28784\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28807\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28848\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28857\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28867\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28954\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29069\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29070\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29622\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30129\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30188\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30535\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30717\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30783\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32608\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1019309\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://ubuntu.com/usn/usn-664-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2008-0054\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1490\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1491\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1598\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:041\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2008_13_sr.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0134.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0135.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0136.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/488069/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/493080/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/27655\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2008-0009.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0430\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1456/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=431518\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2215\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-0553\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-02-07T21:00:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF dise\u00f1ada, un problema similar a CVE-2006-4484.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.4.17\",\"matchCriteriaId\":\"4DF6AAA4-A3BD-4436-B5A5-070AC79F260D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F06FEF3-A290-4256-ADB7-BC6E59A57852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F451113-3A1C-455C-A328-149121C8C204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A85D7C-DF70-4AF6-94F0-881D35082E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E131184A-BD9E-41CF-B3D0-AB9E87834C25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"546DC29B-2A50-420A-AECD-EF526363AF2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B5AC3C-9F3E-499F-9EA7-5A0F9A889934\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9819E03A-8A9E-4483-BBEB-4B3708798960\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57D7BBC1-70C7-4509-B9A7-4B08615B1BBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CCF8D59-9712-4C55-A680-7DD7C17EE8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4B0EEA-735E-4BB6-96E4-133F293A7295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2545F45-2F35-442B-84BA-DC7649E55672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D4364D-9BB0-47A2-BFA6-37C369C3E6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A799BDBF-A56B-4125-A385-5FF87A0B069A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"509225EF-4423-45AE-AC86-5CF7188DF7B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B924063-CD33-44ED-BBB6-42FC6A12BD8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C9F9F96-DE6F-4B77-8715-360543E95E19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F297D4B0-40DE-4728-B840-584441AB809B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65C60D84-229A-43CA-8481-5634A3CFBF1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05182123-3F45-4936-A7F1-5B1328C81C13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9583698-C566-40DF-912F-325454C74F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E514C1-574A-41B3-84AB-50014CDAEE40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A3CFE21-4641-4982-9791-ABD3FE1311BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5FFF507-18EE-4C64-BB86-48C97D7C9CD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C64F535C-A346-456F-AD99-8B135121390C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49767838-28BB-4B95-B70C-CD945B3E6559\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1734A66C-D961-4740-82F4-F93B6D502C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F9AD15-E604-4048-97C2-480AF00BE3C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C10E232-F532-4F2E-9DA7-44C10719CAC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A9E15B7-5018-4941-8DC9-A6FC84262F31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4793F51C-293F-4A56-8789-B04FE3CBA958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"270A67C9-96BC-4B36-8B66-2EFFB7708C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"955AA2E1-9B15-431C-8A24-DC2A06E24715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03F55BFF-E9E1-4C97-A0DB-5F905406C55E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8536661B-E5A9-4D08-BC0E-0770A37E0545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"574D7E14-49CE-478F-BD12-804F13146E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5165B956-F82A-4500-8B04-ADA0A100C4EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37CB2CB3-BBC6-4F69-BDEB-53377444BD61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56710692-2D3A-4FB1-A3FD-8875946B7130\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"219B6B61-C2CE-418B-81A0-C9CEE6B9474A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18EA39DD-B688-420B-A0EC-CE6F99DE2BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6103F8D2-277F-4ECF-B72C-90E97896758B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85C5C1CF-6DAF-4521-AFE9-606A5436C40A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70C2629-E2C1-422D-BDFA-1E0495A5ED4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89651A15-A000-42A8-9268-4014BF34410A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B54926-8A20-4743-9F9B-D255A84FE6FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39901A5E-7CB4-42C8-90A1-25487BA0FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA3ECB75-5962-4362-98CF-CC31F72ED021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0689AA7-2B44-4202-B782-E47612115700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC2BA9A0-AE55-4F30-B27D-E48F2371F29F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC8A3AA4-2236-40BA-99BB-A215B69230A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D892065-8B50-48FE-8716-09F351104FAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA27B876-A7F8-4805-B653-21D31D06CFB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2872DCD-CD4E-4341-BE3F-0CED3F06B934\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"514AD04E-39AE-49FB-AB26-B425F1D5B34D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE837C2-2C20-4F8B-A92C-0F5D97974522\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA678572-F6AE-4CC3-AE58-D420D695A297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8D643E2-5344-4B34-AD4B-20B4870E40F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41FEC657-2316-45B6-B9DC-1F87C9A74CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D387207-B013-4D8A-82C4-F4B6FB004E09\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28784\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28807\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28848\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28857\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28867\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28954\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29069\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29070\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29622\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30129\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30188\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30535\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30717\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30783\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32608\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1019309\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://ubuntu.com/usn/usn-664-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2008-0054\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1490\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1491\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1598\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:041\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2008_13_sr.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0134.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0135.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0136.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/488069/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/493080/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/27655\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0430\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1456/references\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1744\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=431518\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2215\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28784\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28807\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28848\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28867\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28954\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29069\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30717\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1019309\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://ubuntu.com/usn/usn-664-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2008-0054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1491\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1598\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2008_13_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0134.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0135.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0136.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/488069/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/493080/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/27655\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1456/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=431518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…