/ 
Spreadsheet-ParseExcel-0.13 UNAUTHORIZED RELEASE
Security Advisories (1)
CVE-2023-7101 (2023-12-24)

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.

Changes for version 0.13 - 2001-02-21

  • Support Pps 'BOOK' (not 'Book') with OLE::Storage_Lite 0.07 (Thank you, Punam Chordia )
  • Modify Makefile.PL (define OLE::Storage_Lite Version) (Thank you, Aldo Calpini)
  • Fix Conetinue ASCII-Unicode pattern (Thank you, Tim Wills)
  • Add FmtUnicode sample :dmpExU.pl (Sorry and thank you, Mike Goblin)

Modules

Spreadsheet::ParseExcel
Get information from Excel file UNAUTHORIZED

Provides

Spreadsheet::ParseExcel::Cell
in ParseExcel.pm
Spreadsheet::ParseExcel::FmtDefault
in ParseExcel/FmtDefault.pm
Spreadsheet::ParseExcel::FmtJapan
in ParseExcel/FmtJapan.pm
Spreadsheet::ParseExcel::FmtJapan2
in ParseExcel/FmtJapan2.pm
Spreadsheet::ParseExcel::FmtUnicode
in ParseExcel/FmtUnicode.pm
Spreadsheet::ParseExcel::Font
in ParseExcel.pm
Spreadsheet::ParseExcel::Format
in ParseExcel.pm
Spreadsheet::ParseExcel::Workbook
in ParseExcel.pm
Spreadsheet::ParseExcel::Worksheet
in ParseExcel.pm

Examples

Other files