Ubuntu Security Notice 604-1 - Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes. If a user or automated system were tricked into loading a specially crafted XLS document, a remote attacker could execute arbitrary code with user privileges.
990e40906caef2fdd3b2791c539e7f9a06adc8208c2193a001b4f35df9f8d3b1
Debian Security Advisory 1546-1 - Thilo Pfennig and Morten Welinder discovered several integer overflow weaknesses in Gnumeric, a GNOME spreadsheet application. These vulnerabilities could result in the execution of arbitrary code through the opening of a maliciously crafted Excel spreadsheet.
137ce427cb51f3a2a9023931ca0ec415e7edf60ee595db65106dd886d1da1c6a
Mandriva Linux Security Advisory - A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes.
729e13042570e0a5e94ffd2c41f67775327ad84c3683758d2df4fc08db4fc11a
Gentoo Linux Security Advisory GLSA 200802-05 - Multiple integer overflow and signedness errors have been reported in the excel_read_HLINK() function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcodes. Versions less than 1.8.1 are affected.
e7a54a5d92b2bada86244aa96b1f938b9a165a9f7729f5c96987c2037bb71ce9