CVE-2013-6836 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Gnumeric

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

1.2%

top 21.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome Gnumeric Debian Gnumeric

Timeline

PublishedDec 19

Latest updateMay 17

Description

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶Debiangnome/gnumeric< 1.12.9-1+3

▶NVDgnome/gnumeric1.12.8+8

▶debiandebian/gnumeric< gnumeric 1.12.9-1 (bookworm)

Patches

Patch: git.gnome.org ↗Patch: git.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-2252-2x7m-w7r8: Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher↗2022-05-17

▶

OSV

CVE-2013-6836: Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher↗2013-12-19

▶

📋Vendor Advisories

Debian

CVE-2013-6836: gnumeric - Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/m...↗2013

▶

💬Community

Bugzilla

CVE-2013-6836 gnumeric: heap-based buffer overflow in ms_escher_get_data function↗2013-12-19

▶

Bugzilla

CVE-2013-6836 gnumeric: heap-based buffer overflow in ms_escher_get_data function [epel-all]↗2013-12-19

▶

Bugzilla

CVE-2013-6836 gnumeric: heap-based buffer overflow in ms_escher_get_data function [fedora-all]↗2013-12-19

▶