Libxls Project

Libxls

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.21%
  • Veröffentlicht 03.06.2026 00:00:00
  • Zuletzt bearbeitet 08.06.2026 17:16:41

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is ...

Exploit
  • EPSS 0.23%
  • Veröffentlicht 03.06.2026 00:00:00
  • Zuletzt bearbeitet 04.06.2026 18:41:31

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_valida...

Exploit
  • EPSS 0.77%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:18

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.

Exploit
  • EPSS 0.77%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:18

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.

Exploit
  • EPSS 0.77%
  • Veröffentlicht 15.08.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.

Exploit
  • EPSS 0.77%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.

Exploit
  • EPSS 1.17%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 04.11.2025 22:15:53

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.

Exploit
  • EPSS 0.77%
  • Veröffentlicht 15.08.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:17

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.

  • EPSS 1.12%
  • Veröffentlicht 03.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:58:37

An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.

  • EPSS 0.83%
  • Veröffentlicht 23.02.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:21:52

An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote attacker to cause a denial of ser...