An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function. An attacker can send a maliciously crafted xls file to trigger this vulnerability.
All 5 issues (CVE-2018-7435 - CVE-2018-7439) were fixed upstream in version 1.0.5:
Upstream commits (not split by CVE):
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):