CVE-2007-5378

EPSS 1.36% · P80 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-5378

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

VMware 2008-0009更新修复多个安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

VMWare是一款虚拟PC软件，允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare的VMSA-2008-0009更新修复了多个安全漏洞，本地或远程攻击者可以利用这些漏洞绕过某些安全限制、获得权限提升、泄露敏感信息或导致拒绝服务。 1) 如果VMware guest操作系统安装了VMware工具软件包，就会在机器上加载hgfs.sys驱动。该驱动允许任何用户打开\\.\hgfs设备并以METHOD_NEITHER缓冲模式发布IOCTL，这可能允许以驱动参数的形式向内核地

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-5378

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-5378

请登录查看更多情报信息。

http://www.vmware.com/security/advisories/VMSA-2008-0009.htmlx_refsource_CONFIRM
https://sourceforge.net/tracker/?func=detail&atid=112997&aid=1458234&group_id=12997x_refsource_CONFIRM
http://secunia.com/advisories/27295third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30129third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34297third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30535third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27806third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29070third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/26056vdb-entryx_refsource_BID
http://secunia.com/advisories/27207third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27801third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1vendor-advisoryx_refsource_SUNALERT
http://www.debian.org/security/2007/dsa-1416vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2007/dsa-1415vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2009/dsa-1743vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/usn-529-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2008/1744vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/1456/referencesvdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2008-0135.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0134.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:200vendor-advisoryx_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/37189vdb-entryx_refsource_XF
http://www.attrition.org/pipermail/vim/2007-October/001826.htmlmailing-listx_refsource_VIM
http://www.securityfocus.com/archive/1/493080/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-5378

Same Patch Batch · n/a · 2007-10-12 · 42 CVEs total

CVE-2007-5425		Interspire Interspire ActiveKB 'index.php' SQL代码注入漏洞
CVE-2007-5415		Mozilla Firefox UTF-7文件gopher URI跨站脚本攻击漏洞
CVE-2007-5416		Drupal rupal_eval函数数字值错误漏洞
CVE-2007-5417		BoastMachine 'index.php' 目录遍历漏洞
CVE-2007-5418		CARE2X 多个PHP远程文件包含漏洞
CVE-2007-5419		3Com OfficeConnect Wireless Cable/DSL Router 流量信息泄露漏洞
CVE-2007-5420		3Com OfficeConnect Wireless Cable/DSL Router 未授权远程管理和信息泄露漏洞
CVE-2007-5422		Sun Solaris Basic Security Module 审计网络事件拒绝服务漏洞
CVE-2007-5358		Digium Asterisk IMAP储存多个缓冲区溢出漏洞
CVE-2007-5423		TikiWiki 'Tiki-Graph_Formula.PHP'代码注入漏洞
CVE-2007-5424		PHP disable_functions特征安全绕过漏洞
CVE-2007-5414		Mozilla Firefox UTF-7代码跨站脚本攻击漏洞
CVE-2007-5426		Interspire ActiveKB NX URI的页参数多个跨站脚本攻击漏洞
CVE-2007-5427		Joomla! com_search组件searchword参数跨站脚本攻击漏洞
CVE-2007-5428		Umi-cms UMI CMS 'search_do/' 跨站脚本攻击漏洞
CVE-2007-5429		Nucleus CMS 'index.php ' 跨站脚本攻击漏洞
CVE-2007-5430		Scottmanktelow Stride 'main.php' SQL注入漏洞
CVE-2007-5431		JavaAtWork MyFTPUploader Module 'imageupload.js' 信息泄露漏洞
CVE-2007-5432		Scottmanktelow Stride 'login.php'信息泄露漏洞
CVE-2007-5433		Siteup 'index.cgi' 跨站脚本攻击漏洞

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-5378

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-5378

I. Basic Information for CVE-2007-5378

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-5378

III. Intelligence Information for CVE-2007-5378

Same Patch Batch · n/a · 2007-10-12 · 42 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-5378

Leave a comment