Security Advisory

CVE-2017-12109

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-24 19:00:00

Last updated 2024-09-16 16:22:32

Assigner talos

State PUBLISHED

Description

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗