An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
|https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0460||Exploit Third Party Advisory|
Configuration 1 (hide)