Updated gnome-chemistry-utils, gnumeric and goffice packages fix security vulnerability
Publication date: 21 Feb 2014Modification date: 21 Feb 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-6836
Description
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value. (CVE-2013-6836)
References
SRPMS
3/core
- gnome-chemistry-utils-0.14.5-1.mga3
- gnumeric-1.12.9-1.mga3
- goffice-0.10.9-1.mga3