Use of Uninitialized Variable

Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable in the readMSAT function. An attacker can cause application crashes or potentially disclose sensitive information by submitting a specially crafted XLS file. Remediation There is no fixed version for libxls...

Linux Distros Unpatched Vulnerability : CVE-2018-20450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readMSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service application crash via a crafted file, a...

libxls Denial of Service Vulnerability

libxls is a C library for reading Exce xls files. A denial of service vulnerability exists in the 'readMSATbody' function of the ole.c file in libxls version 1.4.0, which can be exploited by an attacker to cause a denial of service application crash with the help of a specially crafted file...

UBUNTU-CVE-2018-20450

The readMSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service application crash via a crafted file, a different vulnerability than CVE-2017-2897...

DEBIAN-CVE-2018-20452

The readMSATbody function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, because of inconsistent memory management new versus free in ole2readheader in ole.c...

DEBIAN-CVE-2018-20450

The readMSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service application crash via a crafted file, a different vulnerability than CVE-2017-2897...

libxls out-of-bounds write vulnerability (CNVD-2017-37753)

libxls is a C library that can read Excel xls files. An out-of-bounds write vulnerability exists in the readMSAT function in libxls 1.4. An attacker can exploit this vulnerability by sending a malicious XLS file to cause a memory corruption that could lead to remote code execution...

DEBIAN-CVE-2017-2897

An exploitable out-of-bounds write vulnerability exists in the readMSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

UBUNTU-CVE-2017-2897

An exploitable out-of-bounds write vulnerability exists in the readMSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...