Mandriva Update For Tk MDVSA-2008:041 (tk) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The ReadImage() function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact. The updated packages have been patched to correct this issue.

Affected

tk on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0553

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:180 (compface)
Mandrake Security Advisory MDVSA-2009:176 (git)
Mandrake Security Advisory MDVSA-2009:063 (eog)
Mandrake Security Advisory MDVSA-2009:181 (bind)
Mandrake Security Advisory MDVSA-2009:170 (initscripts)

Mandriva Update for tk MDVSA-2008:041 (tk)

Take action and discover your vulnerabilities