libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
0.1.0-11.0.0-1build11.0.0-21.3.1-21.3.1-2build11.3.1-2build21.4.3-11.4.5-1