CVE-2023-38855

Опубликовано: 15 авг. 2023

Источник: debian

Описание

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
r-cran-readxl	unfixed			package

Примечания

https://github.com/libxls/libxls/issues/124 (#6)
Negligible security impact

Связанные уязвимости

CVE-2023-38855

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

CVE-2023-38855

redhat

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

CVE-2023-38855

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

GHSA-hfhg-3fc7-vr2g

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.