CVE-2013-6836

描述

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

受影響套件(1)

• Debian/gnumericfrom 0, < 1.12.9-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6836