Advisories ยป MGASA-2014-0086

Updated gnome-chemistry-utils, gnumeric and goffice packages fix security vulnerability

Publication date: 21 Feb 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-6836

Description

Heap-based buffer overflow in the ms_escher_get_data function in
plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9
allows remote attackers to cause a denial of service (crash) via
a crafted xls file with a crafted length value. (CVE-2013-6836)
                

References

SRPMS

3/core