Unrated severityOSV Advisory· Published Dec 25, 2018· Updated Aug 5, 2024
CVE-2018-20452
CVE-2018-20452
Description
The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- security.gentoo.org/glsa/202003-64mitrevendor-advisoryx_refsource_GENTOO
- github.com/evanmiller/libxls/issues/35mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.