Lucene search

K
Libxls ProjectLibxls

18 matches found

CVE
CVE
added 2021/02/23 4:15 a.m.148 views

CVE-2020-27819

An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote attacker to cause a denial of service via crafted XLS file.

5.5CVSS5.1AI score0.00269EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.146 views

CVE-2023-38852

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.

6.5CVSS6.8AI score0.00898EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.113 views

CVE-2023-38851

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.

6.5CVSS6.9AI score0.00754EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.104 views

CVE-2023-38854

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.

6.5CVSS6.9AI score0.00754EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.101 views

CVE-2023-38853

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.

6.5CVSS6.9AI score0.00754EPSS
CVE
CVE
added 2017/11/20 10:29 p.m.65 views

CVE-2017-12110

An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.

8.8CVSS8.2AI score0.00658EPSS
CVE
CVE
added 2017/11/20 10:29 p.m.61 views

CVE-2017-2896

An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

8.8CVSS8AI score0.00559EPSS
CVE
CVE
added 2017/11/20 10:29 p.m.60 views

CVE-2017-12111

An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability.

8.8CVSS8AI score0.00658EPSS
CVE
CVE
added 2018/04/24 7:29 p.m.56 views

CVE-2017-12108

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerabil...

8.8CVSS9AI score0.01818EPSS
CVE
CVE
added 2017/11/20 10:29 p.m.55 views

CVE-2017-2919

An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability

8.8CVSS8.1AI score0.01299EPSS
CVE
CVE
added 2018/04/24 7:29 p.m.52 views

CVE-2017-12109

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS9AI score0.01818EPSS
CVE
CVE
added 2017/11/20 10:29 p.m.52 views

CVE-2017-2897

An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

8.8CVSS7.3AI score0.01506EPSS
CVE
CVE
added 2021/11/03 5:15 p.m.49 views

CVE-2021-27836

An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.

6.5CVSS6AI score0.00421EPSS
CVE
CVE
added 2020/12/02 6:15 p.m.45 views

CVE-2017-2910

An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability.

8.8CVSS9AI score0.01251EPSS
CVE
CVE
added 2018/12/25 5:29 p.m.44 views

CVE-2018-20452

The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.

8.8CVSS8.4AI score0.00402EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.43 views

CVE-2023-38856

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

6.5CVSS6.9AI score0.00754EPSS
CVE
CVE
added 2018/12/25 5:29 p.m.40 views

CVE-2018-20450

The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.

6.5CVSS6.4AI score0.01506EPSS
CVE
CVE
added 2023/08/15 5:15 p.m.38 views

CVE-2023-38855

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

6.5CVSS6.9AI score0.00754EPSS