37 matches found
Barracuda ESG Spreadsheet::ParseExcel Arbitrary Code Execution
This module exploits CVE-2023-7102, an arbitrary code execution vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the Amavis scanner processes Excel attachments using the Perl Spreadsheet::ParseExcel library. The library's Utility.pm contains an...
OESA-2025-2508 perl-Spreadsheet-ParseExcel security update
The Spreadsheet::ParseExcel module can be used to read information from an Excel 95-2003 file. Security Fixes: Spreadsheet::ParseExcel version 0.65, a Perl module for parsing Excel files, is vulnerable to arbitrary code execution ACE due to passing unvalidated input from a file into a string-type...
Spreadsheet-ParseExcel: Arbitrary Code Execution
Background Spreadsheet::ParseExcel is a perl module to extract information from Excel files. Description A vulnerability has been discovered in Spreadsheet::ParseExcel. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details...
GLSA-202508-05 : Spreadsheet-ParseExcel: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202508-05 Spreadsheet-ParseExcel: Arbitrary Code Execution A vulnerability has been discovered in Spreadsheet::ParseExcel. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding...
RSEC-2023-9 Arbitrary Code Execution (ACE) Vulnerability
Bundled Perl script Spreadsheet::ParseExcel version 0.65 is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems from the evaluation of Number format strings not to be confused with...
OPENSUSE-SU-2024:13558-1 perl-Spreadsheet-ParseExcel-0.660.0-1.1 on GA media
These are all security issues fixed in the perl-Spreadsheet-ParseExcel-0.660.0-1.1 package on the GA media of openSUSE Tumbleweed...
USN-6781-1: Spreadsheet::ParseExcel vulnerability
Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated input from a file into a string-type "eval". An attacker could craft a malicious file to achieve arbitrary code execution...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Spreadsheet::ParseExcel vulnerability (USN-6781-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6781-1 advisory. Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated input from a file into a string-type...
Spreadsheet::ParseExcel RCE (CVE-2023-7101)
According to its self-reported version number, the Spreadsheet::ParseExcel perl module is vulnerable to a remote code execution vulnerability due to passing unvalidated input from a file into a string-type âevalâ. Specifically, the issue stems from the evaluation of Number format strings not ...
Jmcnamara Spreadsheet-ParseExcel Installed (Windows)
Binary data jmcnamaraspreadsheetparseexcelwininstalled.nbin...
FreeBSD : p5-Spreadsheet-ParseExcel -- Remote Code Execution Vulnerability (cb22a9a6-c907-11ee-8d1c-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cb22a9a6-c907-11ee-8d1c-40b034429ecf advisory. - Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files...
Amazon Linux 2023 : perl-Spreadsheet-ParseExcel (ALAS2023-2024-491)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-491 advisory. Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated inpu...
Amazon Linux AMI : perl-Spreadsheet-ParseExcel (ALAS-2024-1905)
The version of perl-Spreadsheet-ParseExcel installed on the remote host is prior to 0.5900-5.3. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1905 advisory. Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel i...
Important: perl-Spreadsheet-ParseExcel
Issue Overview: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems from the...
SUSE: Security Advisory (SUSE-SU-2024:0158-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : perl-Spreadsheet-ParseExcel (SUSE-SU-2024:0158-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0158-1 advisory. - Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files...
SUSE-SU-2024:0158-1 Security update for perl-Spreadsheet-ParseExcel
This update for perl-Spreadsheet-ParseExcel fixes the following issues: - CVE-2023-7101: Fixed a command injection issue when parsing an untrusted spreadsheet bsc1218414...
Fedora: Security Advisory (FEDORA-2023-921f6975c2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for perl-Spreadsheet-ParseExcel (FEDORA-2023-84d3cc47b1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution. The vulnerability due to passing unvalidated input from a file into a string-type “eval”. It allows an attacker spreads malicious code which leads to arbitrary code execution...