freexl -- multiple vulnerabilities

2015-03-24T00:00:00
ID AC98D090-45CC-11E5-ADDE-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-03-24T00:00:00

Description

Jodie Cunningham reports:

1: A flaw was found in the way FreeXL reads sectors from

    the input file. A specially crafted file could possibly
    result in stack corruption near freexl.c:3752.

2: A flaw was found in the function allocate_cells(). A

    specially crafted file with invalid workbook dimensions
    could possibly result in stack corruption near freexl.c:1074

3: A flaw was found in the way FreeXL handles a premature EOF. A

    specially crafted input file could possibly result in stack corruption
    near freexl.c:1131

4: FreeXL 1.0.0g did not properly check requests for workbook memory

    allocation. A specially crafted input file could cause a Denial of
    Service, or possibly write onto the stack.