CVE-2017-12111

Name of the Vulnerable Software and Affected Versions libxls version 1.4

Description An out-of-bounds vulnerability exists in the xls addCell function, allowing remote code execution through memory corruption. This can be triggered by a specially crafted XLS file containing a formula record.

Recommendations For libxls version 1.4, consider avoiding the use of the xls addCell function until a patch is available, or refrain from opening untrusted XLS files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.