Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeXL 缓冲区错误漏洞
Vulnerability Description
FreeXL是软件开发者Alessandro Furieri所研发的一个开源的用于从Excel(.xls)电子表格中提取有效数据的库。 FreeXL 1.0.3版本中的‘'read_biff_next_record’函数存在基于堆的缓冲区溢出漏洞,该漏洞源于程序没有充分的对用户提交的数据执行边界检测,导致复制数据的大小超过了缓冲区的空间。远程攻击者可通过发送恶意的XLS文件利用该漏洞在受影响应用程序上下文中执行任意代码或造成拒绝服务(内存损坏)。
CVSS Information
N/A
Vulnerability Type
N/A