Debian Gnumeric vulnerabilities
4 known vulnerabilities affecting debian/gnumeric.
Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: MEDIUM 1, LOW 3
Vulnerabilities
CVE-2013-6836 | LOW | CVSS 4.3 | fixed in gnumeric 1.12.9-1 (bookworm) | 2013
CVE-2013-6836 [MEDIUM] CVE-2013-6836: gnumeric - Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/m...
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.
Scope: local
bookworm: resolved (fixed in 1.12.9-1)
bullseye: resolved (fixed in 1.12.9-1)
forky: resolved (fixed in 1.12.9-
debian
CVE-2009-0318 | LOW | CVSS 6.9 | fixed in gnumeric 1.8.4-3 (bookworm) | 2009
CVE-2009-0318 [MEDIUM] CVE-2009-0318: gnumeric - Untrusted search path vulnerability in the GObject Python interpreter wrapper in...
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Scope: local
bookworm: resolved (fixed in 1.8.4-3)
bullseye: resolved (fixed in 1.8.4-3)
fork
debian
CVE-2008-0668 | MEDIUM | CVSS 9.3 | fixed in gnumeric 1.8.1-1 (bookworm) | 2008
CVE-2008-0668 [CRITICAL] CVE-2008-0668: gnumeric - The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office G...
The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party inform
debian
CVE-2005-2491 | LOW | CVSS 7.5 | fixed in gnumeric 1.5.1-1 (bookworm) | 2005
CVE-2005-2491 [HIGH] CVE-2005-2491: gnumeric - Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE)...
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.5.1-1)
bullseye: resolved (fixed i
debian