Lucene search

[email protected]NVD:CVE-2013-6836

HistoryDec 19, 2013 - 4:24 a.m.

CVE-2013-6836

2013-12-1904:24:57

CWE-119

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

Affected configurations

NVD

Node

gnomegnumericRange≤1.12.8

gnomegnumericMatch1.12.0

gnomegnumericMatch1.12.1

gnomegnumericMatch1.12.2

gnomegnumericMatch1.12.3

gnomegnumericMatch1.12.4

gnomegnumericMatch1.12.5

gnomegnumericMatch1.12.6

gnomegnumericMatch1.12.7

References

lists.opensuse.org/opensuse-updates/2014-02/msg00018.html

secunia.com/advisories/56678

www.securityfocus.com/bid/64459

bugzilla.gnome.org/show_bug.cgi?id=712772

git.gnome.org/browse/gnumeric/commit/?id=b5480b69345b3c6d56ee0ed9c9e9880bb2a08cdc

projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.9.shtml

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for NVD:CVE-2013-6836

openvas17 cve1 nessus4 fedora9 mageia1 prion1 cvelist1 ubuntucve1 debiancve1