CVE-2017-2910

Name of the Vulnerable Software and Affected Versions: libxls version 2.0

Description: An exploitable Out-of-bounds Write issue exists in the xls addCell function. A specially crafted xls file can cause memory corruption, resulting in remote code execution. An attacker can send a malicious xls file to trigger this issue.

Recommendations: For libxls version 2.0, consider disabling the xls addCell function until a patch is available to prevent potential exploitation. Restrict access to handling xls files to minimize the risk of remote code execution. Avoid using libxls version 2.0 to process untrusted xls files until the issue is resolved.