The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
CVSS Score
4.3
EPSS Score
0.02
Published
2015-03-31
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."
CVSS Score
6.8
EPSS Score
0.021
Published
2015-03-31
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook.
CVSS Score
6.8
EPSS Score
0.019
Published
2015-03-31