Mandriva Update For Gnumeric MDVSA-2008:056 (gnumeric) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes. The updated packages have been patched to correct this issues.

Affected

gnumeric on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0668

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:030 (amarok)
Mandrake Security Advisory MDVSA-2009:062 (shadow-utils)
Mandrake Security Advisory MDVSA-2009:182 (firefox)
Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)
Mandrake Security Advisory MDVSA-2009:099 (openafs)

Mandriva Update for gnumeric MDVSA-2008:056 (gnumeric)

Take action and discover your vulnerabilities