VulnerableCode Package Details - pkg:deb/debian/gnumeric@1.4.3-4

Search for packages

Vulnerability	Summary	Fixed by
VCID-2kke-w7x2-5yaw Aliases: CVE-2008-0668	Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.	1.8.3-5+lenny1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8c6b-6hbz-y3hc Aliases: CVE-2013-6836	Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.	1.12.18-2 Affected by 0 other vulnerabilities.
VCID-jnt2-3jj4-17cw Aliases: CVE-2009-0318	An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.	1.10.8-1squeeze5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v2g6-h93b-euer Aliases: CVE-2005-2491	An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.	1.6.3-5 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2kke-w7x2-5yaw
Aliases:
CVE-2008-0668

Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.

1.8.3-5+lenny1
Affected by 2 other vulnerabilities.

VCID-8c6b-6hbz-y3hc
Aliases:
CVE-2013-6836

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

1.12.18-2
Affected by 0 other vulnerabilities.

VCID-jnt2-3jj4-17cw
Aliases:
CVE-2009-0318

An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.

1.10.8-1squeeze5
Affected by 1 other vulnerability.

VCID-v2g6-h93b-euer
Aliases:
CVE-2005-2491

An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.

1.6.3-5
Affected by 3 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T18:55:24.592644+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:44:26.059867+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:30:00.075771+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:54:32.168536+00:00	Debian Oval Importer	Affected by	VCID-v2g6-h93b-euer	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T18:39:41.364156+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:30:29.057779+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:16:25.524192+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:41:13.826469+00:00	Debian Oval Importer	Affected by	VCID-v2g6-h93b-euer	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T18:24:51.822520+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:18:25.239386+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:05:01.965865+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:31:45.240900+00:00	Debian Oval Importer	Affected by	VCID-v2g6-h93b-euer	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0