The remote Debian host is missing a security-related update.
Two buffer overflows have been found in the GIF image parsing code of Tk, a cross-platform graphical toolkit, which could lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5137 It was discovered that libtk-img is prone to a buffer overflow via specially crafted multi-frame interlaced GIF files. - CVE-2007-5378 It was discovered that libtk-img is prone to a buffer overflow via specially crafted GIF files with certain subimage sizes.
Upgrade the libtk-img packages. For the stable distribution (lenny), these problems have been fixed in version 1.3-release-7+lenny1. For the oldstable distribution (etch), these problems have been fixed in version 1.3-15etch3.