SUSE CVE-2017-2924

An exploitable heap-based buffer overflow vulnerability exists in the readlegacybiff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

UBUNTU-CVE-2017-2923

An exploitable heap based buffer overflow vulnerability exists in the 'readbiffnextrecord function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

UBUNTU-CVE-2017-2924

An exploitable heap-based buffer overflow vulnerability exists in the readlegacybiff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

FreeXL Heap Buffer Out-of-Bounds Read Vulnerability

FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'readminibiffnextrecord' function in versions of FreeXL prior to 1.0.5. An attacker could exploi...

DEBIAN-CVE-2018-7439

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function readminibiffnextrecord...

Remote Code Execution (RCE) Via Heap-based Buffer Overflow Vulnerability

freexl is vulnerable to remote code execution RCE via heap based buffer overflow. The attackers can get full control over the heap overflow since it does not check the content and dimension of the XLS files input to the readlegacybiff function. The vulnerability can be triggered only when malicio...

FreeXL BIFF Dimension Marker Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the readlegacybiff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested...

Microsoft Excel Sheet Name Memory Corruption - Ver2 (CVE-2007-3490)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080) - Ver2 (CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

Microsoft Excel Document Malformed BIFF Record Heap Overflow (MS09-067) - Ver2 (CVE-2009-3130)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

VulnCheck KEV: CVE-2009-1134

Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir 0x806 record object, aka...

CVE-2011-1512

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR...

Heap overflow

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR...

CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Lotus Notes XLS viewer malformed BIFF record heap overflow 1. Advisory Information Title: Lotus Notes XLS viewer malformed BIFF record heap overflow Advisory ID:...

Lotus Notes XLS viewer malformed BIFF record heap overflow

Core Security Technologies - Corelabs Advisory Lotus Notes XLS viewer malformed BIFF record heap overflow 1. Advisory Information Title: Lotus Notes XLS viewer malformed BIFF record heap overflow Advisory ID: CORE-2010-0908 Advisory URL:...

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080; CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

Microsoft Excel Malformed Record Code Execution (MS06-012; CVE-2006-0031)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available in several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

Microsoft Excel Set Font Handling Code Execution (MS07-023; CVE-2007-1203)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

Heap overflow

Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format aka BIFF record that triggers memory corruption, ak...

CVE-2009-3130

Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format aka BIFF record that triggers memory corruption, ak...