6 matches found
SUSE CVE-2026-26825
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...
PT-2021-3293 · Microsoft · 365 +4
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft 365 affected versions not specified Microsoft Office affected versions not specified Microsoft Office Online Server affected versions not specified Microsoft Office Web Apps Server...
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps arises from improper code generation management, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps is related to improper code generation during XLS file syntax analysis. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file or a specially crafted malicious...
Stack Overflow Vulnerability in WPS Forms
WPS office is an office software suite independently developed by Kingsoft Corporation. A stack overflow vulnerability exists in WPS Formset.exe in WPS when parsing a specific xls file, which can be exploited by an attacker to cause a denial of service or code execution...
Memory Corruption Vulnerability in WPS Forms (CNVD-2017-34135)
WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in the etmain module of the form et.exe in WPS when parsing a specific xls file, which can be exploited by an attacker to cause a denial of service or code execution...
Oracle Fusion Middleware Outside In Excel File Parsing Integer Overflow
An integer overflow vulnerability ha been reported in Oracle Outside In...