CVE-2008-0668

Currently unrated

Key Information:

Vendor: Gnome
Status: Gnumeric
Vendor: CVE Published:; 11 February 2008

Summary

The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.

References

http://www.vupen.com/english/advisories/2008/0462

vdb-entryx_refsource_VUPEN

http://www.gnome.org/projects/gnumeric/announcements/1.8/...

x_refsource_CONFIRM

http://secunia.com/advisories/28948

third-party-advisoryx_refsource_SECUNIA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 11, 2008
Vulnerability Reserved
Feb 11, 2008