Libxls Security Vulnerabilities and Issues — Libxls CVE List

Lucene search

Libxls ProjectLibxls

9 matches found

CVE•added 2017/11/20 10:29 p.m.•65 views

CVE-2017-12110

An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.

8.8CVSS8.2AI score0.00658EPSS

CVE•added 2017/11/20 10:29 p.m.•61 views

CVE-2017-2896

An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

8.8CVSS8AI score0.00559EPSS

CVE•added 2017/11/20 10:29 p.m.•60 views

CVE-2017-12111

An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability.

8.8CVSS8AI score0.00658EPSS

CVE•added 2018/04/24 7:29 p.m.•56 views

CVE-2017-12108

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerabil...

8.8CVSS9AI score0.01818EPSS

CVE•added 2017/11/20 10:29 p.m.•55 views

CVE-2017-2919

An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability

8.8CVSS8.1AI score0.01299EPSS

CVE•added 2018/04/24 7:29 p.m.•52 views

CVE-2017-12109

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS9AI score0.01818EPSS

CVE•added 2017/11/20 10:29 p.m.•52 views

CVE-2017-2897

An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

8.8CVSS7.3AI score0.01506EPSS

CVE•added 2020/12/02 6:15 p.m.•45 views

CVE-2017-2910

An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability.

8.8CVSS9AI score0.01251EPSS

CVE•added 2018/12/25 5:29 p.m.•44 views

CVE-2018-20452

The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.

8.8CVSS8.4AI score0.00402EPSS