Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0668

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0668
Last Modified 07 Mar 2011 10:05:04
Published 11 Feb 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0668

Summary

The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Gnome Gnumeric 1.7.91


References

CONFIRM - http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml

SECUNIA - 28799

FEDORA - FEDORA-2008-1403

FEDORA - FEDORA-2008-1313

VUPEN - ADV-2008-0462

BID - 27536

SECUNIA - 31339

SECUNIA - 28725

SUSE - SUSE-SR:2008:016

CONFIRM - http://bugzilla.gnome.org/show_bug.cgi?id=505330

UBUNTU - USN-604-1

MANDRIVA - MDVSA-2008:056

DEBIAN - DSA-1546

GENTOO - GLSA-200802-05

SECUNIA - 29896

SECUNIA - 29702

SECUNIA - 28948

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=208356


Last Updated: 27 May 2016 10:46:53