#VU16704 Double-free error in libxls - CVE-2018-20450

Cybersecurity Help s.r.o.

Published: 2018-12-25 | Updated: 2018-12-25

Vulnerability identifier: #VU16704

Vulnerability risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2018-20450

CWE-ID: CWE-415

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libxls
Client/Desktop applications / Multimedia software

Vendor: libxls.sourceforge.net

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input in the read_MSAT function in ole.c. A remote attacker can submit a specially crafted Excel file, trigger double-free error and cause the service to crash.

Mitigation
Cybersecurity Help is currently unaware of any solutions to address the vulnerability.

Vulnerable software versions

libxls: 1.4.0

External links
https://github.com/evanmiller/libxls/issues/34

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Gentoo update for libxls

Denial of service in libxls