Mandriva Update For Tk MDKSA-2007:200 (tk) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerablity in Tk was found that could be used to overrun a buffer when loading certain GIF images. If a user were tricked into opening a specially crafted GIF file, it could lead to a denial of service condition or possibly the execution of arbitrary code with the user's privileges. Updated packages have been patched to prevent this issue.

Affected

tk on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2007-5137, CVE-2007-5378
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:176 (git)
Mandrake Security Advisory MDVSA-2009:038 (blender)
Mandrake Security Advisory MDVSA-2009:124 (apache)
Mandrake Security Advisory MDVSA-2009:136 (tomcat5)
Mandrake Security Advisory MDVSA-2009:138 (tomcat5)

Mandriva Update for tk MDKSA-2007:200 (tk)

Take action and discover your vulnerabilities