Computer Security
[EN] securityvulns.ru no-pyccku


Gnumeric buffer overflow
Published:13.02.2008
Source:
SecurityVulns ID:8683
Type:client
Threat Level:
5/10
Description:Buffer overflow on .XLS files parsing.
Affected:GNUMERIC : gnumeric 1.8
CVE:CVE-2008-0668 (The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.)
Original documentdocumentGENTOO, [Full-disclosure] [ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code (13.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod