2 matches found
CVE-2017-12108
CVE-2017-12108 affects libxls 1.4. The issue is an exploitable integer overflow in the function xls_preparseWorkSheet when handling MULBLANK records, which can cause memory corruption and remote code execution if a specially crafted XLS file is processed. Attacker-controlled input is required (a ...
libxls xls_preparseWorkSheet MULBLANK Code Execution Vulnerability(CVE-2017-12108)
Summary An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this...