VulnerableCode Package Details - pkg:deb/debian/gnumeric@1.6.3-5.1%2Betch2

Search for packages

Vulnerability	Summary	Fixed by
VCID-2kke-w7x2-5yaw Aliases: CVE-2008-0668	Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.	1.8.3-5+lenny1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8c6b-6hbz-y3hc Aliases: CVE-2013-6836	Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.	1.12.18-2 Affected by 0 other vulnerabilities.
VCID-jnt2-3jj4-17cw Aliases: CVE-2009-0318	An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.	1.10.8-1squeeze5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2kke-w7x2-5yaw
Aliases:
CVE-2008-0668

Several integer overflow vulnerabilities have been reported in Gnumeric, possibly resulting in user-assisted execution of arbitrary code.

1.8.3-5+lenny1
Affected by 2 other vulnerabilities.

VCID-8c6b-6hbz-y3hc
Aliases:
CVE-2013-6836

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.

1.12.18-2
Affected by 0 other vulnerabilities.

VCID-jnt2-3jj4-17cw
Aliases:
CVE-2009-0318

An untrusted search path vulnerability in Gnumeric might result in the execution of arbitrary code.

1.10.8-1squeeze5
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T18:55:24.600409+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:44:26.066490+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:30:00.082850+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T18:39:41.370860+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:30:29.065813+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:16:25.531522+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T18:24:51.832121+00:00	Debian Oval Importer	Affected by	VCID-jnt2-3jj4-17cw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:18:25.249063+00:00	Debian Oval Importer	Affected by	VCID-2kke-w7x2-5yaw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:05:01.975658+00:00	Debian Oval Importer	Affected by	VCID-8c6b-6hbz-y3hc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0