CVE-2018-7438

Priority
Description
An issue was discovered in FreeXL before 1.0.5. There is a heap-based
buffer over-read in the parse_unicode_string function.
Ubuntu-Description
It was discovered that FreeXL did not properly handle certain input, resulting
in a beap-based buffer over-read. If a user were tricked into opening a malicious
Excel spreadsheet, FreeXL could potentially leak sensitive information.
Assigned-to
mikesalvatore
Notes
Package
Upstream:released (1.0.5-1)
Ubuntu 18.04 LTS:not-affected (1.0.5-1)
Ubuntu 14.04 ESM:released (1.0.0g-1ubuntu0.14.04.3)
Patches:
More Information

Updated: 2022-04-13 13:35:10 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)