Description
An issue was discovered in FreeXL before 1.0.5. There is a heap-based
buffer over-read in a pointer dereference of the parse_SST function.
Ubuntu-Description
It was discovered that FreeXL did not properly handle certain input, resulting
in a beap-based buffer over-read. If a user were tricked into opening a malicious
Excel spreadsheet, FreeXL could potentially leak sensitive information.
Assigned-to
mikesalvatore
Package
Upstream: | released
(1.0.5-1)
|
Ubuntu 18.04 LTS: | not-affected
(1.0.5-1)
|
Ubuntu 14.04 ESM: | released
(1.0.0g-1ubuntu0.14.04.3)
|
Patches:
Updated: 2022-04-13 13:35:09 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)