Gnumeric XLS HLINK Opcode Handling Remote Arbitrary Code Execution Vulnerability

Bugtraq ID: 27536
Class: Boundary Condition Error
CVE: CVE-2008-0668
Remote: Yes
Local: No
Published: Jan 31 2008 12:00AM
Updated: Aug 08 2008 06:16PM
Credit: The vendor and Secunia Research disclosed this issue.
Vulnerable: Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
Red Hat Fedora 8
Red Hat Fedora 7
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
GNU Gnumeric 1.6.3
+ Debian Linux 4.0 sparc
 + Debian Linux 4.0 s/390
 + Debian Linux 4.0 powerpc
 + Debian Linux 4.0 mipsel
 + Debian Linux 4.0 mips
 + Debian Linux 4.0 m68k
 + Debian Linux 4.0 ia-64
 + Debian Linux 4.0 ia-32
 + Debian Linux 4.0 hppa
 + Debian Linux 4.0 arm
 + Debian Linux 4.0 amd64
 + Debian Linux 4.0 alpha
 + Debian Linux 4.0
 + Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
+ Gentoo Linux 1.4
Gentoo Linux
Not Vulnerable: GNU Gnumeric 1.8.1
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4


 

Privacy Statement
Copyright 2010, SecurityFocus