High severity8.8NVD Advisory· Published Apr 24, 2018· Updated Jun 17, 2026
CVE-2017-2924
CVE-2017-2924
Description
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/freexl&distro=openSUSE%20Tumbleweedpkg:rpm/suse/freexl&distro=SUSE%20Package%20Hub%2012
< 1.0.6-1.3+ 1 more
- (no CPE)range: < 1.0.6-1.3
- (no CPE)range: < 1.0.4-5.1
Patches
Vulnerability mechanics
References
3- www.debian.org/security/2017/dsa-3976nvdThird Party Advisory
- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0431nvdThird Party Advisory
- www.securityfocus.com/bid/100799nvdBroken Link
News mentions
0No linked articles in our index yet.