Mandriva Update For Gnumeric MDVSA-2008:056 (gnumeric) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes. The updated packages have been patched to correct this issues.

Affected

gnumeric on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0668
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:111 (firefox)
Mandrake Security Advisory MDVSA-2009:055 (audacity)
Mandrake Security Advisory MDVSA-2009:057 (valgrind)
Mandrake Security Advisory MDVSA-2009:111-1 (firefox)
Mandrake Security Advisory MDVSA-2009:020 (xine-lib)

Mandriva Update for gnumeric MDVSA-2008:056 (gnumeric)

Take action and discover your vulnerabilities