4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.033 Low
EPSS
Percentile
91.3%
Jodie Cunningham reports:
#1: A flaw was found in the way FreeXL reads sectors from
the input file. A specially crafted file could possibly
result in stack corruption near freexl.c:3752.
#2: A flaw was found in the function allocate_cells(). A
specially crafted file with invalid workbook dimensions
could possibly result in stack corruption near freexl.c:1074
#3: A flaw was found in the way FreeXL handles a premature EOF. A
specially crafted input file could possibly result in stack corruption
near freexl.c:1131
#4: FreeXL 1.0.0g did not properly check requests for workbook memory
allocation. A specially crafted input file could cause a Denial of
Service, or possibly write onto the stack.