Gnumeric 'PySys_SetArgv' Remote Command Execution Vulnerability

Bugtraq ID: 33438
Class: Design Error
CVE: CVE-2009-0318
Remote: Yes
Local: No
Published: Jan 26 2009 12:00AM
Updated: Apr 13 2015 10:03PM
Credit: Jan Lieskovsky
Vulnerable: Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU Gnumeric 1.9.3
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
GNU Gnumeric 1.9.2
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
GNU Gnumeric 1.9.1
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
GNU Gnumeric 1.8.1
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
GNU Gnumeric 1.6.3
+ Debian Linux 4.0 sparc
 + Debian Linux 4.0 s/390
 + Debian Linux 4.0 powerpc
 + Debian Linux 4.0 mipsel
 + Debian Linux 4.0 mips
 + Debian Linux 4.0 m68k
 + Debian Linux 4.0 ia-64
 + Debian Linux 4.0 ia-32
 + Debian Linux 4.0 hppa
 + Debian Linux 4.0 arm
 + Debian Linux 4.0 amd64
 + Debian Linux 4.0 alpha
 + Debian Linux 4.0
 + Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
+ Gentoo Linux 1.4
GNU Gnumeric 1.4.3
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.4
GNU Gnumeric 1.4.2
GNU Gnumeric 1.2.13
GNU Gnumeric 0.31
+ GNU Gnome 1.0
GNU Gnumeric 0.27
+ GNU Gnome 1.0
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus