Oval Definition:oval:org.opensuse.security:def:20172923
Revision Date:2022-06-30Version:1
Title:CVE-2017-2923
Description:

An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-2923
openSUSE-SU-2017:2537-1
openSUSE-SU-2017:2539-1
Mitre CVE-2017-2923
SUSE CVE-2017-2923
openSUSE-SU-2017:2537-1
openSUSE-SU-2017:2539-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • freexl-1.0.4-5 is installed
  • AND freexl is signed with openSUSE key
  • OR
  • freexl-devel-1.0.4-5 is installed
  • AND freexl-devel is signed with openSUSE key
  • OR
  • libfreexl1-1.0.4-5 is installed
  • AND libfreexl1 is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • freexl-1.0.4-2.3.1 is installed
  • AND freexl is signed with openSUSE key
  • OR
  • freexl-devel-1.0.4-2.3.1 is installed
  • AND freexl-devel is signed with openSUSE key
  • OR
  • libfreexl1-1.0.4-2.3.1 is installed
  • AND libfreexl1 is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • freexl-1.0.4-5 is installed
  • OR freexl-devel-1.0.4-5 is installed
  • OR libfreexl1-1.0.4-5 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • freexl-devel-1.0.6-1.3 is installed
  • OR libfreexl1-1.0.6-1.3 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • freexl-devel-1.0.4-5.1 is installed
  • OR libfreexl1-1.0.4-5.1 is installed
    • BACK