CVE-2023-38855

Опубликовано: 15 авг. 2023

Источник: redhat

CVSS3: 0

EPSS Низкий

Описание

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

Отчет

This flaw was found to be a duplicate of CVE-2023-38852. Please see https://access.redhat.com/security/cve/CVE-2023-38852 for information about affected products and security errata.

Ссылки на источники

Дополнительная информация

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=2236663libxls: heap buffer overflow in xls_parseWorkBook() in xls.c

EPSS

Процентиль: 73%

0.00754

Низкий

0 Low

CVSS3

Связанные уязвимости

CVE-2023-38855

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

CVE-2023-38855

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

CVE-2023-38855

CVSS3: 6.5

debian

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...

GHSA-hfhg-3fc7-vr2g

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

EPSS

Процентиль: 73%

0.00754

Низкий

0 Low

CVSS3