USN-604-1: Gnumeric vulnerability
22 April 2008
- gnumeric -
Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet
handling code in Gnumeric did not correctly calculate needed memory sizes.
If a user or automated system were tricked into loading a specially crafted
XLS document, a remote attacker could execute arbitrary code with user
The problem can be corrected by updating your system to the following package versions:
After a standard system upgrade you need to restart gnumeric to effect
the necessary changes.