Vulnerability Details CVE-2018-20450
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2018-20450
-
cpe:2.3:a:libxls_project:libxls:1.4.0