Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.csv' file. Successful exploits will cause the application to crash, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.