CVE-2008-0668

Publication date 11 February 2008

Last updated 24 July 2024

Ubuntu priority

The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
gnumeric	7.10 gutsy	Fixed 1.7.11-1ubuntu3.1
	7.04 feisty	Fixed 1.7.8-0ubuntu1.1
	6.10 edgy	Fixed 1.7.0-1ubuntu4.1
	6.06 LTS dapper	Fixed 1.6.3-0ubuntu4.1

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
gnumeric	Vendor: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:056

CVE-2008-0668

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references