Microsoft Excel conditional formatting vulnerability

Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...

Microsoft Excel conditional formatting vulnerability

Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...

Spoofing

Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability."...

CVE-2008-0117

CVE-2008-0117 refers to a remote code execution vulnerability in Microsoft Excel related to crafted conditional formatting values. Affected are Excel 2000 SP3, Excel 2002 SP2, and Office for Mac 2004/2008. Exploitation requires a user to open a specially crafted file, enabling arbitrary code exec...

CVE-2008-0117

Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability."...

[SECURITY] Fedora Core 6 Update: tetex-3.0-36.fc6

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi DeVice Independent file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or...

[SECURITY] Fedora 8 Update: tetex-3.0-44.3.fc8

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi DeVice Independent file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or...

[SECURITY] Fedora 7 Update: tetex-3.0-40.3.fc7

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi DeVice Independent file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or...

wireshark security update

0.99.6-1.el5.01 - Added patch for OCFS2 formatting 0.99.6-1 - upgrade to 0.99.6 - Wireshark could crash when dissecting an HTTP chunked response - Wireshark could crash while reading iSeries capture files - Wireshark could exhaust system memory while reading a malformed DCP ETSI packet - Wireshar...

[SECURITY] Fedora 7 Update: kdeutils-3.5.8-2.fc7

Utilities for the K Desktop Environment. Includes: ark tar/gzip archive manager; kcalc scientific calculator; kcharselect character selector; kdepasswd change password; kdessh ssh front end; kdf view disk usage; kedit simple text editor; kfloppy floppy formatting tool; kgpg gpg gui khexedit hex...

Only allow basic formatting macros in comments

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-9387. panel Currently it is possible for users with create comments permission to embed macros in these comments. This is a...

[SECURITY] Fedora Core 6 Update: tetex-3.0-35.fc6

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi DeVice Independent file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or...

[SECURITY] Fedora 7 Update: tetex-3.0-40.1.fc7

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi DeVice Independent file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or...

Sql injection

SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."...

CVE-2007-3244

CVE-2007-3244 describes a SQL injection in bbPress prior to version 0.8.1. The vulnerability is in bb-includes/formatting-functions.php and can allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, demonstrated by a PRE element (the “quirky slashe...

security flaw

Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers"...

Several home malicious code-vulnerability warning-the black bar safety net

Here to say a few page malicious code:"not is to let everybody put these code into your homepage! Just want everyone to be able to understand the malicious code, play a better protective effect!" A, The Loop code: "Put the following code added to the page, you can achieve the above effects" img...

security flaw

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...

DEBIAN-CVE-2006-0322

Unspecified vulnerability the edit comment formatting functionality in MediaWiki 1.5.x before 1.5.6 and 1.4.x before 1.4.14 allows attackers to cause a denial of service infinite loop via "certain malformed links."...

security flaw

The IAPP dissector packet-iapp.c for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissectpdus and pduvaltostr functions...