CVE-2007-4772

Name of the Vulnerable Software and Affected Versions tcl versions prior to 8.4.17 tcl-devel versions 8.3.5 tclx version 8.3 tcllib version 1.0 tcltk versions 8.3.3 and 8.3.5

Description The issue affects the regular expression parser in TCL, allowing context-dependent attackers to cause a denial of service via a crafted regular expression. Multiple vulnerabilities in various TCL packages in Red Hat Enterprise Linux can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For tcl versions prior to 8.4.17, update to version 8.4.17 or later. For tcl-devel version 8.3.5, consider disabling the vulnerable package until a patch is available. For tclx version 8.3, restrict access to the vulnerable package to minimize the risk of exploitation. For tcllib version 1.0, avoid using the vulnerable library until the issue is resolved. For tcltk versions 8.3.3 and 8.3.5, consider temporarily disabling the vulnerable package until a patch is available.