123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain function call from process_fmt() that can be reached via a w3r_format element in a wk3 document.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-05T06:02:03
Updated: 2024-08-03T12:07:42.952Z
Reserved: 2022-09-05T00:00:00
Link: CVE-2022-39843
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-09-05T07:15:08.207
Modified: 2022-09-09T14:45:27.747
Link: CVE-2022-39843
Redhat
No data.