CVE-2008-0668 - OpenCVE

The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Gnome	Gnumeric
Redhat	Fedora

Configuration 1 [-]

AND

OR	cpe:2.3:o:redhat:fedora:7:::::::*
	cpe:2.3:o:redhat:fedora:8:::::::*

cpe:2.3:a:gnome:gnumeric:*:*:*:*:*:*:*:*

References

Link	Resource
http://bugs.gentoo.org/show_bug.cgi?id=208356
http://bugzilla.gnome.org/show_bug.cgi?id=505330
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
http://secunia.com/advisories/28725/	Vendor Advisory
http://secunia.com/advisories/28799	Patch Vendor Advisory
http://secunia.com/advisories/28948
http://secunia.com/advisories/29702
http://secunia.com/advisories/29896
http://secunia.com/advisories/31339
http://security.gentoo.org/glsa/glsa-200802-05.xml
http://www.debian.org/security/2008/dsa-1546
http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml	Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2008:056
http://www.securityfocus.com/bid/27536
http://www.ubuntu.com/usn/usn-604-1
http://www.vupen.com/english/advisories/2008/0462
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00114.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00227.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-02-11T20:00:00

Updated: 2008-02-14T10:00:00

Reserved: 2008-02-11T00:00:00

Link: CVE-2008-0668

JSON object: View

NVD Information

Status : Modified

Published: 2008-02-11T21:00:00.000

Modified: 2011-03-08T03:05:04.750

Link: CVE-2008-0668

JSON object: View

Redhat Information

No data.

CWE

CWE-189

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-08T00:00:00", "descriptions": [{"lang": "en", "value": "The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-02-14T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-0462", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0462"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml"}, {"name": "28948", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28948"}, {"name": "FEDORA-2008-1313", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00114.html"}, {"name": "USN-604-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-604-1"}, {"name": "MDVSA-2008:056", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:056"}, {"name": "SUSE-SR:2008:016", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"}, {"name": "DSA-1546", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1546"}, {"name": "27536", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27536"}, {"name": "29896", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29896"}, {"name": "29702", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29702"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=505330"}, {"name": "28799", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28799"}, {"name": "FEDORA-2008-1403", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00227.html"}, {"name": "GLSA-200802-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200802-05.xml"}, {"name": "28725", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28725/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=208356"}, {"name": "31339", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31339"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0668", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-0462", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0462"}, {"name": "http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml", "refsource": "CONFIRM", "url": "http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml"}, {"name": "28948", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28948"}, {"name": "FEDORA-2008-1313", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00114.html"}, {"name": "USN-604-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-604-1"}, {"name": "MDVSA-2008:056", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:056"}, {"name": "SUSE-SR:2008:016", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"}, {"name": "DSA-1546", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1546"}, {"name": "27536", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27536"}, {"name": "29896", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29896"}, {"name": "29702", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29702"}, {"name": "http://bugzilla.gnome.org/show_bug.cgi?id=505330", "refsource": "CONFIRM", "url": "http://bugzilla.gnome.org/show_bug.cgi?id=505330"}, {"name": "28799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28799"}, {"name": "FEDORA-2008-1403", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00227.html"}, {"name": "GLSA-200802-05", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200802-05.xml"}, {"name": "28725", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28725/"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=208356", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=208356"}, {"name": "31339", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31339"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0668", "datePublished": "2008-02-11T20:00:00", "dateReserved": "2008-02-11T00:00:00", "dateUpdated": "2008-02-14T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*", "matchCriteriaId": "EE2027FA-357A-4BE3-9043-6DE8307C040A", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*", "matchCriteriaId": "C8E8256F-3FB6-45B2-8F03-02A61C10FAF0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gnumeric:*:*:*:*:*:*:*:*", "matchCriteriaId": "325E60CA-9D69-4D35-AD9B-54F0596C537B", "versionEndIncluding": "1.7.91", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La funci\u00f3n excel_read_HLINK en plugins/excel/ms-excel-read.c de Gnome Office Gnumeric antes de 1.8.1. Permite a atacantes remotos ayudados por el usuario ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo XLS manipulado que contiene opcodes XLS HLINK, posiblemente debido a un desbordamiento de integer. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."}], "id": "CVE-2008-0668", "lastModified": "2011-03-08T03:05:04.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-02-11T21:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=208356"}, {"source": "cve@mitre.org", "url": "http://bugzilla.gnome.org/show_bug.cgi?id=505330"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28725/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/28799"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28948"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29702"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29896"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31339"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200802-05.xml"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1546"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:056"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/27536"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-604-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0462"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00114.html"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00227.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}