2 matches found
Use of Uninitialized Variable
Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable in the readMSAT function. An attacker can cause application crashes or potentially disclose sensitive information by submitting a specially crafted XLS file. Remediation There is no fixed version for libxls...
libxls out-of-bounds write vulnerability (CNVD-2017-37753)
libxls is a C library that can read Excel xls files. An out-of-bounds write vulnerability exists in the readMSAT function in libxls 1.4. An attacker can exploit this vulnerability by sending a malicious XLS file to cause a memory corruption that could lead to remote code execution...