An exploitable heap-based buffer overflow vulnerability exists in the read_biff_next_record function of FreeXL 1.0.3. A specially crafted XLS file can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this...
8.8 CVSS
9 AI Score
0.021 EPSS
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this...
8.8 CVSS
9 AI Score
0.021 EPSS
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function...
8.8 CVSS
8.5 AI Score
0.005 EPSS
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST...
8.8 CVSS
8.5 AI Score
0.005 EPSS
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST...
8.8 CVSS
8.5 AI Score
0.005 EPSS
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string...
8.8 CVSS
8.5 AI Score
0.005 EPSS
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell...
8.8 CVSS
8.5 AI Score
0.005 EPSS
The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a...
6.3 AI Score
0.033 EPSS
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature...
7.6 AI Score
0.05 EPSS
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a...
7.8 AI Score
0.042 EPSS