Vulnerabilities > Gnome > Gnumeric > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-12-19 | CVE-2013-6836 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gnome Gnumeric Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value. | 4.3 |
| 2009-01-28 | CVE-2009-0318 | Remote Command Execution vulnerability in Gnumeric 'PySys_SetArgv' Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). local gnome | 6.9 |