VYPR
High severity8.8NVD Advisory· Published Apr 24, 2018· Updated Jun 17, 2026

CVE-2017-12109

CVE-2017-12109

Description

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libxls/Libxlsllm-fuzzy2 versions
    <=1.4+ 1 more
    • (no CPE)range: <=1.4
    • (no CPE)range: 1.4 readxl package 1.0.0 for R (tested using Microsoft R 4.3.1)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.