Описание
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| r-cran-readxl | fixed | 1.2.0.9000-1 | package | |
| r-cran-readxl | fixed | 0.1.1-1+deb9u2 | stretch | package |
Примечания
https://github.com/evanmiller/libxls/issues/34
EPSS
Связанные уязвимости
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
EPSS