Libxls Project

Libxls

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-38856

Exploit
  • EPSS 0.75%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:18

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

6.5

CVE-2023-38855

Exploit
  • EPSS 0.75%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:18

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

6.5

CVE-2023-38854

Exploit
  • EPSS 0.75%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.

6.5

CVE-2023-38853

Exploit
  • EPSS 0.75%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.

6.5

CVE-2023-38852

Exploit
  • EPSS 0.9%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.

6.5

CVE-2023-38851

Exploit
  • EPSS 0.75%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.

6.5

CVE-2021-27836

  • EPSS 0.42%
  • Veröffentlicht 03.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:58:37

An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.

5.5

CVE-2020-27819

  • EPSS 0.27%
  • Veröffentlicht 23.02.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:21:52

An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote attacker to cause a denial of ser...

8.8

CVE-2017-2910

Exploit
  • EPSS 1.25%
  • Veröffentlicht 02.12.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 03:24:26

An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this ...

8.8

CVE-2018-20452

Exploit
  • EPSS 0.4%
  • Veröffentlicht 25.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:30

The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (n...