CVE-2008-0668

Publication date 11 February 2008

Last updated 24 July 2024


Ubuntu priority

The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.

Status

Package Ubuntu Release Status
gnumeric 7.10 gutsy
Fixed 1.7.11-1ubuntu3.1
7.04 feisty
Fixed 1.7.8-0ubuntu1.1
6.10 edgy
Fixed 1.7.0-1ubuntu4.1
6.06 LTS dapper
Fixed 1.6.3-0ubuntu4.1

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
gnumeric

References

Related Ubuntu Security Notices (USN)

    • USN-604-1
    • Gnumeric vulnerability
    • 22 April 2008

Other references