Tcl/Tk Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability

Tcl/Tk Tk Toolkit 'ReadImage()' GIF File Buffer Overflow Vulnerability

TCL/TK Tk Toolkit is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied GIF image data before copying it to an insufficiently sized buffer.

Successful exploits may allow attackers to execute arbitrary code in the context of applications that use the affected toolkit. Failed exploit attempts likely result in denial-of-service conditions.

Versions prior to Tcl/Tk 8.5.1 are vulnerable to this issue.