Debian Security Advisory DSA 1491-1 (tk8.4) Network Vulnerability

Summary

The remote host is missing an update to tk8.4 announced via advisory DSA 1491-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201491-1

Insight

It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 8.4.12-1etch2. For the old stable distribution (sarge), this problem has been fixed in version 8.4.9-1sarge2. We recommend that you upgrade your tk8.4 packages.

Severity

Classification

CVE CVE-2008-0553
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1111-2 (kernel-source-2.6.8 et. al.)
Debian Security Advisory DSA 025-1 (openssh)
Debian Security Advisory DSA 055-1 (gftp)
Debian Security Advisory DSA 1081-1 (libextractor)
Debian Security Advisory DSA 1152-1 (trac)

Take action and discover your vulnerabilities