Debian Security Advisory DSA 1491-1 (tk8.4) Network Vulnerability

Summary

The remote host is missing an update to tk8.4 announced via advisory DSA 1491-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201491-1

Insight

It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 8.4.12-1etch2. For the old stable distribution (sarge), this problem has been fixed in version 8.4.9-1sarge2. We recommend that you upgrade your tk8.4 packages.

Severity

Classification

CVE CVE-2008-0553

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 007-1 (zope)
Debian Security Advisory DSA 062-1 (rxvt)
Debian Security Advisory DSA 1048-1 (asterisk)
Debian Security Advisory DSA 1090-1 (spamassassin)
Debian Security Advisory DSA 1074-1 (mpg123)

Take action and discover your vulnerabilities