CVE-2017-10792

Name of the Vulnerable Software and Affected Versions GNU PSPP versions prior to 0.11.0

Description The issue is related to a NULL Pointer Dereference in the ll insert() function of the libpspp library. This can cause a crash when attempting to convert invalid SPSS data into CSV format. A crafted input can lead to a remote denial of service attack.

Recommendations For GNU PSPP versions prior to 0.11.0, update to version 0.11.0 or later to resolve the issue. As a temporary workaround, consider avoiding the conversion of invalid SPSS data into CSV format until the update is applied.