High severity8.8NVD Advisory· Published Apr 24, 2018· Updated Jun 17, 2026
CVE-2017-2923
CVE-2017-2923
Description
An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/freexl&distro=openSUSE%20Tumbleweedpkg:rpm/suse/freexl&distro=SUSE%20Package%20Hub%2012
< 1.0.6-1.3+ 1 more
- (no CPE)range: < 1.0.6-1.3
- (no CPE)range: < 1.0.4-5.1
Patches
Vulnerability mechanics
References
3- www.debian.org/security/2017/dsa-3976nvdThird Party Advisory
- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0430nvdThird Party Advisory
- www.securityfocus.com/bid/100807nvdBroken Link
News mentions
0No linked articles in our index yet.