Lucene search
IBM98C349BA0EBFF61A6047E09472D71A2CBEFA597AAA50D9508CBD66EAE7BEFEF5HistoryJul 24, 2020 - 9:16 p.m.
Security Bulletin: CVE-2014-3524 CSV Injection in reports
2020-07-2421:16:35
www.ibm.com
21
Summary
Cells in csv reports need to sanitize for legacy CSV Injection concerns.
Vulnerability Details
**Third Party Entry:**PSIRT-ADV0017245
**DESCRIPTION:**Created from Advisory: ADV0017245
CVSS Base score: 8.1
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| UCD - IBM UrbanCode Deploy | All |
Remediation/Fixes
Upgrade the UCD server to 7.0.4.0 or later.
Workarounds and Mitigations
Use fully patched csv viewer.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm urbancode deploy | eq | 7.0.4.0 |
Related
nessus
nessus
Ubuntu 14.04 LTS : LibreOffice vulnerability (USN-2331-1)
2014-09-03 00:00:00
LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities
2014-12-17 00:00:00
Apache OpenOffice < 4.1.1 Multiple Vulnerabilities
2014-08-27 00:00:00
ubuntucve
ubuntucve
CVE-2014-3524
2014-08-26 00:00:00
hackerone
hackerone
Consensys: CSV Injection at https://assets-paris-demo.codefi.network/
2022-10-25 08:59:53
securityvulns
securityvulns
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability
2014-08-24 00:00:00
Apache OpenOffice security vulnerabilities
2014-08-24 00:00:00
cve
cve
CVE-2014-3524
2014-08-26 14:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-2331-1)
2014-09-03 00:00:00
Apache OpenOffice Multiple Vulnerabilities -01 (May 2015) - Mac OS X
2015-06-01 00:00:00
Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows
2015-04-09 00:00:00
prion
prion
Design/Logic Flaw
2014-08-26 14:55:00
ubuntu
ubuntu
LibreOffice vulnerability
2014-09-02 00:00:00
gentoo
gentoo
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-03-09 00:00:00
Related for 98C349BA0EBFF61A6047E09472D71A2CBEFA597AAA50D9508CBD66EAE7BEFEF5