Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
xlnt-community xlnt Compound Document binary.hpp append heap-based overflow
Vulnerability Description
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary_writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. Patch name: 147. It is suggested to install a patch to address this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
xlnt 安全漏洞
Vulnerability Description
xlnt是xlnt-community开源的一个C++语言库。 xlnt 1.6.1及之前版本存在安全漏洞,该漏洞源于组件Compound Document Parser的文件source/detail/binary.hpp中函数xlnt::detail::binary_writer::append存在堆缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A