Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxls project libxls vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-27819
An issue exists in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote malicious user to cause a denial of service via crafted XLS file.
Libxls Project Libxls
6.8
CVSSv2
CVE-2018-20452
The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_...
Libxls Project Libxls 1.4.0
6.8
CVSSv2
CVE-2017-12109
An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger...
Libxls Project Libxls 1.4
6.8
CVSSv2
CVE-2017-12110
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.
Libxls Project Libxls 1.4
6.8
CVSSv2
CVE-2017-12111
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability.
Libxls Project Libxls 1.4
NA
CVE-2023-38853
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote malicious user to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.
Libxls Project Libxls 1.6.2
6.8
CVSSv2
CVE-2017-2897
An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
Libxls Project Libxls 1.4.0
6.8
CVSSv2
CVE-2017-2910
An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability.
Libxls Project Libxls 2.0.0
NA
CVE-2023-38854
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote malicious user to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.
Libxls Project Libxls 1.6.2
NA
CVE-2023-38856
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote malicious user to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.
Libxls Project Libxls 1.6.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »