{"id":"MGASA-2014-0086","summary":"Updated gnome-chemistry-utils, gnumeric and goffice packages fix security vulnerability","details":"Heap-based buffer overflow in the ms_escher_get_data function in\nplugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9\nallows remote attackers to cause a denial of service (crash) via\na crafted xls file with a crafted length value. (CVE-2013-6836)\n","modified":"2026-04-16T06:25:57.277924286Z","published":"2014-02-21T18:06:56Z","upstream":["CVE-2013-6836"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0086.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12294"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1044857"}],"affected":[{"package":{"name":"gnome-chemistry-utils","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/gnome-chemistry-utils?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.14.5-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0086.json"}},{"package":{"name":"gnumeric","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/gnumeric?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0086.json"}},{"package":{"name":"goffice","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/goffice?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.10.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0086.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}