6 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS fi...
Absolute Path Traversal
Overview Affected versions of this package are vulnerable to Absolute Path Traversal via the setPath method. An attacker can access or leak sensitive information by constructing a malicious XLSX file that manipulates the path to external or internal resources, exploiting the file reading mechanis...
Denial of Service (DoS)
Overview xlsx is a Parser and writer for various spreadsheet formats. Affected versions of this package are vulnerable to Denial of Service DoS. An attacker who can send a malicious excel file parsed by this library can crash the Node.JS process. Note: xlsx package after version 0.18.5 is...
libxls out-of-bounds write vulnerability (CNVD-2017-37753)
libxls is a C library that can read Excel xls files. An out-of-bounds write vulnerability exists in the readMSAT function in libxls 1.4. An attacker can exploit this vulnerability by sending a malicious XLS file to cause a memory corruption that could lead to remote code execution...
Microsoft Office Excel String Variable Code Execution (MS10-038; CVE-2010-1252)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The common extension used for Microsoft Excel documents is .xls or .xlw...
Microsoft Excel Formula Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file '.xls'. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...