CVE-2017-12109
NONE EPSS 84.5%
Published Apr 24, 20188y ago · Modified Jun 17, 20262w ago
Published Apr 24, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
Threat Intelligence
EPSS Exploit Probability
84.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-190 Integer Overflow or Wraparound Numeric Error
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| libxls_project | libxls | 1.4 | any |
References 1
- talosintelligence.com https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0461
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.