Lucene search

5078 matches found

OSV
added 2017/07/02 3:29 a.m. | 1 views

DEBIAN-CVE-2017-10792

There is a NULL Pointer Dereference in the function llinsert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS | 7.1 AI score | 0.01588 EPSS
Exploits 1 | References 1
OSV
added 2017/07/02 3:29 a.m. | 3 views

UBUNTU-CVE-2017-10791

There is an Integer overflow in the hashint function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS | 6.9 AI score | 0.01626 EPSS
Exploits 1 | References 3
Cvelist
added 2017/07/02 3:0 a.m. | 24 views

CVE-2017-10792

There is a NULL Pointer Dereference in the function llinsert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 AI score | 0.01588 EPSS
Exploits 1 | References 3
Debian CVE
added 2017/07/02 3:0 a.m. | 27 views

CVE-2017-10792

There is a NULL Pointer Dereference in the function llinsert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS | 6.5 AI score | 0.01588 EPSS
Exploits 1
Hacker One
added 2017/06/29 8:8 a.m. | 41 views

Grab: CSV Injection https://hub.grab.com

@Poison had pointed out that it was possible to perform CSV Injection on hub.grab.com which was tested on Microsoft Excel 2016. Injection occurred by adding the payload in customer name field in Grab mobile application. The payload used was =cmd|' /C calc'!A0. We fixed this issue by properly...

7.4 AI score
Exploits 0
Prion
added 2017/06/16 9:29 p.m. | 23 views

Input validation

Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data...

5 CVSS | 7 AI score | 0.01129 EPSS
Exploits 0 | References 1 | Affected Software 1
NVD
added 2017/06/16 9:29 p.m. | 20 views

CVE-2016-1000222

Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data...

7.5 CVSS | 7.5 AI score | 0.01129 EPSS
Exploits 0 | References 1
OSV
added 2017/06/16 9:29 p.m. | 22 views

CVE-2016-1000222

Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data...

7.5 CVSS | 6.8 AI score
Exploits 0 | References 1
Cvelist
added 2017/06/16 9:0 p.m. | 26 views

CVE-2016-1000222

Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data...

7.5 AI score | 0.01129 EPSS
Exploits 0 | References 1
CVE
added 2017/06/16 9:0 p.m. | 52 views

CVE-2016-1000222

Elastic Logstash before version 2.1.2 is vulnerable to input crafted to place malicious formulas in CSV output, as described by CVE-2016-1000222. The issue arises in the CSV writer when processing engineered input. Affected product: Elastic Logstash (CSV output). Root cause: CSV generation accept...

7.5 CVSS | 7.4 AI score | 0.01129 EPSS
Exploits 0 | References 1 | Affected Software 1
CNVD
added 2017/06/12 12:0 a.m. | 6 views

AtMail Cross-Site Request Forgery Vulnerability

AtMail is an open source WebMail client from the Australian company Atmail, which provides a Webmail interface, address book management, calendars and other features, and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in AtMail versions prior to 7.8.0.2...

8.8 CVSS | 7 AI score | 0.00451 EPSS
Exploits 0 | References 1
NVD
added 2017/06/08 2:29 p.m. | 16 views

CVE-2017-9517

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...

8.8 CVSS | 8.7 AI score | 0.00451 EPSS
Exploits 0 | References 1
Cvelist
added 2017/06/08 2:0 p.m. | 20 views

CVE-2017-9517

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...

8.8 AI score | 0.00451 EPSS
Exploits 0 | References 1
exploitpack
added 2017/05/21 12:0 a.m. | 11 views

PlaySMS 1.4 - import.php Remote Code Execution

PlaySMS 1.4 - import.php Remote Code Execution Exploit Title: PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php Date: 21-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22...

8.1 AI score
Exploits 0
Exploit DB
added 2017/05/21 12:0 a.m. | 135 views

PlaySMS 1.4 - 'import.php' Remote Code Execution

Exploit Title: PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php Date: 21-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/ Category: webapps ...

7.4 AI score
Exploits 0
Hacker One
added 2017/04/27 11:17 a.m. | 30 views

Weblate: CSV Injection with the CVS export feature - Glossary

Hi, The "Download as a CSV" feature of Weblate does not properly "escape" fields. Here is more information about this issue: http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/ Here is one method to reproduce this issue: 1 I can add new information in Glossary with a name...

6.9 AI score
Exploits 0
Hacker One
added 2017/04/26 9:0 a.m. | 441 views

Weblate: CSV export filter bypass leads to formula injection.

Dear Weblate bug bounty team, Summary --- The new filter can be bypassed using: %0A-3+3+cmd|' /C calc'!D2. python text = "%0A-3+3+cmd|' /C calc'!D2" def csvfilterbypass: if text and text0 in '=', '+', '-', '@': return "'" + text return text How can this be fixed? --- You need to escape and detect...

1.8 AI score
Exploits 0
Hacker One
added 2017/04/24 9:43 a.m. | 16 views

Weblate: CSV Injection with the CSV export feature

Steps to reproduce: 1. go to https://hosted.weblate.org/dictionaries/aptoide-uploader/bn/add 2. add "=1+1" to Source and Translation field F178723 3. now do CSV export 4. you can see all the cells are displayed as "2", which means the code is executed. Best Regards, Jay Patel...

7.3 AI score
Exploits 0
Tenable Nessus
added 2017/04/13 12:0 a.m. | 34 views

RHEL 7 : libreoffice (RHSA-2017:0914)

An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

5.5 CVSS | 5.8 AI score | 0.03122 EPSS
Exploits 0 | References 3
RedHat Linux
added 2017/04/12 12:26 p.m. | 42 views

Moderate: Red Hat Security Advisory: libreoffice security and bug fix update

An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

5.5 CVSS | 6.1 AI score | 0.03122 EPSS
Exploits 0 | References 4