The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
{ "ubuntu_priority": "low", "binaries": [ { "binary_name": "libfreexl-dev", "binary_version": "1.0.0g-1ubuntu0.14.04.1" }, { "binary_name": "libfreexl1", "binary_version": "1.0.0g-1ubuntu0.14.04.1" }, { "binary_name": "libfreexl1-dbg", "binary_version": "1.0.0g-1ubuntu0.14.04.1" } ], "availability": "No subscription required" }