103 matches found
Microsoft Office Excel Note Record Information Disclosure (CVE-2018-8382)
An information disclosure vulnerability exists in Microsoft Excel. The vulnerability is due to a missing length verification in the parsing of workbook streams. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Office Excel Workbook Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hancom Hangul HCell HncChart CFormulaTokenSizeModifier Code Execution Vulnerability(CVE-2016-4295)
Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...
Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability(CVE-2016-4293)
Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...
Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...
CVE-2016-4294
When opening a Hangul Hcell Document .cell and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file. When copying user-supplied data to this buffer, however, the application will use a different size...
CVE-2016-4295
When opening a Hangul Hcell Document .cell and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the...
Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0151 Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4296 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office...
Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0148 Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4293 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul...
FreeXL: Multiple vulnerabilities
Background FreeXL is an open source library to extract valid data from within an Excel .xls spreadsheet. Description FreeXL’s shared strings and workbook functions are vulnerable to the remote execution of arbitrary code and Denial of Service. This can be achieved through specially crafted...
FreeXL Denial of Service Vulnerability (CNVD-2015-02146)
FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A security vulnerability exists in the 'parseSST' function in FreeXL versions prior to 1.0.0i. The vulnerability can be exploited by a remote attacker to cau...
DEBIAN-CVE-2015-2776
The parseSST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service memory consumption via a crafted shared strings table in a workbook...
CVE-2015-2776
The parseSST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service memory consumption via a crafted shared strings table in a workbook...
DEBIAN-CVE-2015-2754
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...
CVE-2015-2754
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...
DEBIAN-CVE-2015-2753
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption or possibly execute arbitrary code via a crafted sector in a workbook...
Code injection
The parseSST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service memory consumption via a crafted shared strings table in a workbook...
Design/Logic Flaw
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption or possibly execute arbitrary code via a crafted sector in a workbook...
CVE-2015-2754
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...
UBUNTU-CVE-2015-2753
FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption or possibly execute arbitrary code via a crafted sector in a workbook...