Описание
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.0.5-1 |
| devel | not-affected | 1.0.5-3 |
| esm-apps/bionic | not-affected | 1.0.5-1 |
| esm-apps/xenial | released | 1.0.2-1ubuntu0.1 |
| esm-infra-legacy/trusty | released | 1.0.0g-1ubuntu0.14.04.3 |
| precise/esm | DNE | |
| trusty | released | 1.0.0g-1ubuntu0.14.04.3 |
| trusty/esm | released | 1.0.0g-1ubuntu0.14.04.3 |
| upstream | released | 1.0.0g-1+deb8u5, 1.0.2-2+deb9u2 |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
An exploitable heap-based buffer overflow vulnerability exists in the ...
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3