CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

DEBIAN-CVE-2016-4434

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE attacks via vectors involving 1 spreadsheets in OOXML files and 2 XMP metadata in PDF and other file formats, a related issue to...

UBUNTU-CVE-2016-4434

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE attacks via vectors involving 1 spreadsheets in OOXML files and 2 XMP metadata in PDF and other file formats, a related issue to...

Debian: Security Advisory (DSA-3976-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 26 Update: libmwaw-0.3.11-3.fc26

libmwaw is a library for import of old Mac documents. It supports many kinds of text documents, spreadsheets, databases, vector and bitmap images. Supported are, for example, documents created by BeagleWorks, ClarisWorks, MacPaint, MacWrite or Microsoft Word for Mac. A full list of supported...

GLSA-201603-05 : LibreOffice, OpenOffice: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201603-05 LibreOffice, OpenOffice: Multiple vulnerabilities Multiple vulnerabilities were found in both LibreOffice and OpenOffice that allow the remote execution of arbitrary code and potential Denial of Service. These...

DSA-3310-1 freexl - security update

Bulletin has no description...

Apache OpenOffice Multiple Vulnerabilities -01 (May 2015) - Mac OS X

Apache OpenOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openoffice";...

[SECURITY] [DSA 3208-1] freexl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3208-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 29, 2015 http://www.debian.org/security/faq -...

Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows

Apache OpenOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openoffice";...

Debian DSA-3208-1 : freexl - security update

Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

Debian Security Advisory DSA 3208-1 (freexl - security update)

Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened. OpenVAS Vulnerability Test $Id: deb3208.nasl 6609 2017-07-07 12:05:59Z...

Fedora 22 : freexl-1.0.0i-1.fc22 (2015-3517)

Four potentially harmful bugs causing crashes and stack corruption were detected in FreeXL by American Fuzzy Lop and are solved in this release. Please note: such issues are never realistically expected to be encountered in real world XLS spreadsheets, anyway some purposely forged XLS document...

LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities

A version of LibreOffice is installed on the remote Windows host that is 4.3.x prior to 4.3.1. It is, therefore, affected by the following vulnerabilities : - An input-validation error exists related to handling Calc spreadsheets that allows arbitrary command execution. CVE-2014-3524 - An...

LibreOffice 4.x < 4.2.6-secfix (4.2.6.3) Multiple Vulnerabilities

A version of LibreOffice is installed on the remote Windows host that is 4.x prior to 4.2.6-secfix 4.2.6.3. It is, therefore, affected by the following vulnerabilities : - An input-validation error exists related to handling Calc spreadsheets that allows arbitrary command execution. CVE-2014-3524...

Ubuntu 14.04 LTS : LibreOffice vulnerability (USN-2331-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2331-1 advisory. Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed for command injection when opening spreadsheets. If a user were tricked into opening a...

CVE-2013-0723

Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a crafted spreadsheet file...

Heap overflow

Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a crafted spreadsheet file...

CVE-2013-0723

Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a crafted spreadsheet file...

CVE-2013-0723

CVE-2013-0723 affects Kingsoft Spreadsheets 2012 (v8.1.0.3030) and related versions via multiple heap-based buffer overflows in etxrw.dll. The vulnerability can be triggered by a crafted spreadsheet file, potentially leading to memory corruption, denial of service, or arbitrary code execution. Th...