Lucene search
Veracode Vulnerability DatabaseVERACODE:5053HistorySep 12, 2017 - 3:08 a.m.
Remote Code Execution (RCE) Via Heap-based Buffer Overflow Vulnerability
2017-09-1203:08:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.021 Low
EPSS
Percentile
89.2%
freexl is vulnerable to remote code execution (RCE) via heap based buffer overflow. The attackers can get full control over the heap overflow since it does not check the content and dimension of the XLS files input to the read_legacy_biff() function. The vulnerability can be triggered only when malicious XLS file is in old BIFF format.
Related
prion
prion
Heap overflow
2018-04-24 19:29:00
nvd
nvd
CVE-2017-2924
2018-04-24 19:29:03
cvelist
cvelist
CVE-2017-2924
2017-09-11 00:00:00
ubuntucve
ubuntucve
CVE-2017-2924
2018-04-24 00:00:00
debiancve
debiancve
CVE-2017-2924
2018-04-24 19:29:03
talos
talos
FreeXL BIFF Dimension Marker Code Execution Vulnerability
2017-09-11 00:00:00
seebug
seebug
FreeXL BIFF Dimension Marker Code Execution Vulnerability(CVE-2017-2924)
2017-09-12 00:00:00
cve
cve
CVE-2017-2924
2018-04-24 19:29:03
debian
debian
[SECURITY] [DSA 3976-1] freexl security update
2017-09-17 17:12:29
[SECURITY] [DSA 3976-1] freexl security update
2017-09-17 17:12:29
[SECURITY] [DLA 1098-1] freexl security update
2017-09-17 16:14:08
osv
osv
freexl - security update
2017-09-17 00:00:00
freexl - security update
2017-09-17 00:00:00
talosblog
talosblog
nessus
nessus
openvas
openvas
Debian: Security Advisory (DLA-1098-1)
2018-02-06 00:00:00
Debian: Security Advisory (DSA-3976-1)
2017-09-16 00:00:00
freebsd
freebsd