19 matches found
Microsoft Excel .SLK Payload Delivery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Microsoft Excel .SLK Payload Delivery", 'Description' = %Q This module generates a download and execute Powershell command to be placed in an .SL...
Microsoft Excel .SLK Payload Delivery
This module generates a download and execute Powershell command to be placed in an .SLK Excel spreadsheet. When executed, it will retrieve a payload via HTTP from a web server. When the file is opened, the user will be prompted to "Enable Content." Once this is pressed, the payload will execute...
autotrader.co.za XSS vulnerability
Vulnerable URL: http://www.autotrader.co.za/car-news/mercedes"-benz/slk-class/1103fd43-5c45-4787-8c67-70b936e5c306-mercedes-amggtandgts Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 21:36 GMT Vulnerability type:| XSS Vulnerability status:|...
OpenOffice 3.1 - '.slk' File NULL Pointer Dereference Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.slk' file...
Slackware: Security Advisory (SSA:2011-041-05)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Microsoft Excel SLK File Parsing Code Execution (MS11-045; CVE-2011-1276)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the SLK file format. A remote attacker could trigger this flaw by...
Microsoft XML Editor Crafted Entity Information Disclosure (MS11-049; CVE-2011-1280)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the SLK file format. A remote attacker could trigger this flaw by...
OpenOffice for Windows ".slk" File Parsing Null Pointer Vulnerability
Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".slk" file with Openoffice, causes a crash on "soffice.bin" PoC:...
OpenOffice - .slk Parsing Null Pointer
OpenOffice - .slk Parsing Null Pointer Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".slk" file with Openoffice, causes a crash on...
OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of Service
OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of Service source: https://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to...
OpenOffice 3.1 - '.slk' Null Pointer Dereference Remote Denial of Service
source: https://www.securityfocus.com/bid/37857/info OpenOffice is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.slk' file. Successful exploits will cause th...
OpenOffice NULL pointer dereference
NULL pointer dereference on CSV and SLK files parsing...
Design/Logic Flaw
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
CVE-2008-0112
CVE-2008-0112 (Excel File Import Vulnerability) describes a remote code execution in Microsoft Excel 2000 SP3 and Office for Mac 2004/2008 triggered by importing a specially crafted SYLK (.slk) file. The underlying issue is improper validation/handling of SYLK data during import, allowing an atta...