CVE-2023-38856

Опубликовано: 15 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
r-cran-readxl	unfixed			package

Примечания

https://github.com/libxls/libxls/issues/124 (#4)
Negligible security impact

EPSS

Процентиль: 73%

0.00754

Низкий

Связанные уязвимости

CVE-2023-38856

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

CVE-2023-38856

redhat

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

CVE-2023-38856

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

GHSA-5463-2m97-2wvc

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

EPSS

Процентиль: 73%

0.00754

Низкий