Vulnerability Details CVE-2015-2754
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.6%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.debian.org/security/2015/dsa-3208
- http://www.openwall.com/lists/oss-security/2015/03/25/1
- http://www.openwall.com/lists/oss-security/2015/03/27/1
- http://www.securityfocus.com/bid/73330
- https://security.gentoo.org/glsa/201606-15
- https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1
- http://www.debian.org/security/2015/dsa-3208
- http://www.openwall.com/lists/oss-security/2015/03/25/1
- http://www.openwall.com/lists/oss-security/2015/03/27/1
- http://www.securityfocus.com/bid/73330
- https://security.gentoo.org/glsa/201606-15
- https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1
Products affected by CVE-2015-2754
-
cpe:2.3:a:gaia-gis:freexl:-
-
cpe:2.3:a:gaia-gis:freexl:0.0.1
-
cpe:2.3:a:gaia-gis:freexl:0.0.2
-
cpe:2.3:a:gaia-gis:freexl:0.0.3
-
cpe:2.3:a:gaia-gis:freexl:1.0.0a
-
cpe:2.3:a:gaia-gis:freexl:1.0.0b
-
cpe:2.3:a:gaia-gis:freexl:1.0.0c
-
cpe:2.3:a:gaia-gis:freexl:1.0.0d
-
cpe:2.3:a:gaia-gis:freexl:1.0.0e
-
cpe:2.3:a:gaia-gis:freexl:1.0.0f
-
cpe:2.3:a:gaia-gis:freexl:1.0.0g
-
cpe:2.3:a:gaia-gis:freexl:1.0.0h
-
cpe:2.3:o:debian:debian_linux:7.0