Heap-based Buffer Overflow in Gnumeric's ms_escher_get_data Function
CVE-2013-6836 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file with a crafted length value.
Learn more about our Cis Benchmark Audit For Microsoft Office.