openSUSE Security Update : gnumeric (openSUSE-SU-2014:0138-1)

Add gnumeric-CVE-2013-6836.patch: fix Heap-buffer-overflow in mseschergetdata on a fuzzed xls file bnc856254, bgo712772, CVE-2013-6838. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

CVE-2013-6836

Heap-based buffer overflow in the mseschergetdata function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service crash via a crafted xls file with a crafted length value...

CVE-2013-6836

Heap-based buffer overflow in the mseschergetdata function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service crash via a crafted xls file with a crafted length value...

CVE-2013-6836

Heap-based buffer overflow in the mseschergetdata function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service crash via a crafted xls file with a crafted length value...

CVE-2013-6836

CVE-2013-6836 affects GNOME Office Gnumeric, with a heap-based buffer overflow in the ms_escher_get_data function when processing crafted xls files. A crafted length value in an xls file can trigger a denial of service (crash) against Gnumeric versions before 1.12.9. Mitigation in the connected d...