DEBIAN-CVE-2026-26824

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...

PT-2026-46057

Name of the Vulnerable Software and Affected Versions libxls versions prior to 1.6.4 Description The OLE container parser contains an issue where memory allocated for the Master Sector Allocation Table MSAT in the read MSAT function is not fully initialized before being used by the ole2 validate...

EUVD-2017-12060

Malware in sbrugna...

EUVD-2019-14639

Malware in sbrugna...

EUVD-2008-0678

Malware in sbrugna...

PT-2023-26632 · Libxls +1 · Libxls +1

Name of the Vulnerable Software and Affected Versions: libxls version 1.6.2 Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls parseWorkBook function in xls.c:1018. This is a buffer overflow vulnerability...

PT-2023-26633 · Libxls +1 · Libxls +1

Name of the Vulnerable Software and Affected Versions: libxlsv version 1.6.2 Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode decode wcstombs function in xlstool.c:266. This can lead to the execution of...

CVE-2008-0668

The excelreadHLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow...