[gnumeric] [CVE-2008-0668] possible execution of arbitrary code via a crafted XLS file
Bug #198662 reported by
disabled.user
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| gnumeric (Ubuntu) |
Fix Released
|
Low
|
Kees Cook | ||
Bug Description
Binary package hint: gnumeric
References:
MDVSA-2008:056 (http://
Quoting:
"A vulnerability was found in the excel_read_HLINK function in the
Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would
allow for the execution of arbitrary code via a crafted XLS file
containing XLS HLINK opcodes."
CVE References
Revision history for this message
| Kees Cook (kees) wrote | #1 |
| Changed in gnumeric: | |
| assignee: | nobody → keescook |
| importance: | Undecided → Low |
| status: | New → Fix Released |
To post a comment you must log in.
This problem has been addressed with the following USN: http://