Gnumeric 'PySys_SetArgv' Remote Command Execution Vulnerability

Bugtraq ID: 33438
Class: Design Error
CVE: CVE-2009-0318
Remote: Yes
Local: No
Published: Jan 26 2009 12:00AM
Updated: Apr 03 2009 11:56PM
Credit: Jan Lieskovsky
Vulnerable: Red Hat Fedora 9
Red Hat Fedora 10
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU Gnumeric 1.9.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
GNU Gnumeric 1.9.2
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
GNU Gnumeric 1.9.1
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
GNU Gnumeric 1.8.1
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
GNU Gnumeric 1.6.3
+ Debian Linux 4.0 sparc
+ Debian Linux 4.0 s/390
+ Debian Linux 4.0 powerpc
+ Debian Linux 4.0 mipsel
+ Debian Linux 4.0 mips
+ Debian Linux 4.0 m68k
+ Debian Linux 4.0 ia-64
+ Debian Linux 4.0 ia-32
+ Debian Linux 4.0 hppa
+ Debian Linux 4.0 arm
+ Debian Linux 4.0 amd64
+ Debian Linux 4.0 alpha
+ Debian Linux 4.0
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
+ Gentoo Linux 1.4
GNU Gnumeric 1.4.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
GNU Gnumeric 1.4.2
GNU Gnumeric 1.2.13
GNU Gnumeric 0.31
+ GNU Gnome 1.0
GNU Gnumeric 0.27
+ GNU Gnome 1.0
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus