19 matches found
Microsoft Excel .SLK Payload Delivery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Microsoft Excel .SLK Payload Delivery", 'Description' = %Q This module generates a download and execute Powershell command to be placed in an .SL...
Microsoft Excel .SLK Payload Delivery
This module generates a download and execute Powershell command to be placed in an .SLK Excel spreadsheet. When executed, it will retrieve a payload via HTTP from a web server. When the file is opened, the user will be prompted to "Enable Content." Once this is pressed, the payload will execute...
autotrader.co.za XSS vulnerability
Vulnerable URL: http://www.autotrader.co.za/car-news/mercedes"-benz/slk-class/1103fd43-5c45-4787-8c67-70b936e5c306-mercedes-amggtandgts Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 21:36 GMT Vulnerability type:| XSS Vulnerability status:|...
OpenOffice 3.1 - '.slk' File NULL Pointer Dereference Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.slk' file...
Slackware: Security Advisory (SSA:2011-041-05)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Code Execution (MS11-045; CVE-2011-1276)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the SLK file format. A remote attacker could trigger this flaw by...
Microsoft XML Editor Crafted Entity Information Disclosure (MS11-049; CVE-2011-1280)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the SLK file format. A remote attacker could trigger this flaw by...
OpenOffice - .slk Parsing Null Pointer
OpenOffice - .slk Parsing Null Pointer Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".slk" file with Openoffice, causes a crash on...
OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of Service
OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of Service source: https://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to...
OpenOffice NULL pointer dereference
NULL pointer dereference on CSV and SLK files parsing...
OpenOffice for Windows ".slk" File Parsing Null Pointer Vulnerability
Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".slk" file with Openoffice, causes a crash on "soffice.bin" PoC:...
OpenOffice 3.1 - '.slk' Null Pointer Dereference Remote Denial of Service
source: https://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.slk' file. Successful exploits will cause th...
Design/Logic Flaw
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
CVE-2008-0112 (Excel File Import Vulnerability) describes a remote code execution in Microsoft Excel 2000 SP3 and Office for Mac 2004/2008 triggered by importing a specially crafted SYLK (.slk) file. The underlying issue is improper validation/handling of SYLK data during import, allowing an atta...