Debian Security Advisory DSA 1490-1 (tk8.3) Network Vulnerability

Summary

The remote host is missing an update to tk8.3 announced via advisory DSA 1490-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201490-1

Insight

It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 8.3.5-6etch2. For the old stable distribution (sarge), this problem has been fixed in version 8.3.5-4sarge1. We recommend that you upgrade your tk8.3 packages.

Severity

Classification

CVE CVE-2008-0553
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1099-1 (horde2)
Debian Security Advisory DSA 1140-1 (gnupg)
Debian Security Advisory DSA 1014-1 (firebird2)
Debian Security Advisory DSA 1059-1 (quagga)
Debian Security Advisory DSA 1121-1 (postgrey)

Take action and discover your vulnerabilities