Bugs fixes in "freexl"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2017-7439 | NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving e | 2018-09-25 |
| CVE | CVE-2017-7438 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied co | 2018-09-25 |
| CVE | CVE-2017-7437 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json reque | 2018-09-25 |
| CVE | CVE-2017-7436 | In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malic | 2018-09-25 |
| CVE | CVE-2017-7435 | In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malic | 2018-09-25 |
| CVE | CVE-2017-2924 | An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cau | 2018-09-25 |
| CVE | CVE-2017-2923 | An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file | 2018-09-25 |
| CVE | CVE-2017-7439 | NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving e | 2018-09-25 |
| CVE | CVE-2017-7438 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied co | 2018-09-25 |
| CVE | CVE-2017-7437 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json reque | 2018-09-25 |
| CVE | CVE-2017-7436 | In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malic | 2018-09-25 |
| CVE | CVE-2017-7435 | In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malic | 2018-09-25 |
| CVE | CVE-2017-2924 | An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cau | 2018-09-25 |
| CVE | CVE-2017-2923 | An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file | 2018-09-25 |
About
-
Send Feedback to @ubuntu_updates
