2 matches found
CVE-2018-20452
CVE-2018-20452 affects libxls 1.4.0, where an invalid free in read_MSAT_body (and related memory handling in ole2_read_header in ole.c) can lead to a denial of service (application crash) or potentially other impact via crafted files. Multiple connected sources confirm the vulnerability resides i...
CVE-2018-20452
The readMSATbody function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, because of inconsistent memory management new versus free in ole2readheader in ole.c...