Leon

#6187of 53,622
44Total CVSS
Vulnerabilities · 5
High
5
PT-2018-18069
8.8
2018-02-23
Freexl · Freexl · CVE-2018-7435
**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.5 **Description** A problem has been discovered in FreeXL, where there is a heap-based buffer over-read in the `freexl::destroy cell` function. This issue affects versions prior to 1.0.5. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `freexl::destroy cell` function until a patch is available.
PT-2018-18070
8.8
2018-02-23
Freexl · Freexl · CVE-2018-7436
**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.5 **Description** A problem has been discovered in FreeXL, where there is a heap-based buffer over-read in a pointer dereference of the `parse SST` function. This issue affects versions prior to 1.0.5. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `parse SST` function until a patch is available.
PT-2018-18071
8.8
2018-02-23
Freexl · Freexl · CVE-2018-7437
**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.5 **Description** A problem has been discovered in FreeXL, where there is a heap-based buffer over-read in a memcpy call of the `parse SST` function. This issue affects versions prior to 1.0.5. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `parse SST` function until a patch is available.
PT-2018-18072
8.8
2018-02-23
Freexl · Freexl · CVE-2018-7438
**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.5 **Description** A problem has been discovered in FreeXL, where there is a heap-based buffer over-read in the `parse unicode string` function. This issue affects versions prior to 1.0.5. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `parse unicode string` function until a patch is available.
PT-2018-18073
8.8
2018-02-23
Freexl · Freexl · CVE-2018-7439
**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.5 **Description** An issue was discovered in FreeXL, where there is a heap-based buffer over-read in the `read mini biff next record` function. This issue affects versions prior to 1.0.5. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `read mini biff next record` function until a patch is available.