Full Disclosure mailing list archives
Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability
From: Paul Heinlein <heinlein () madboa com>
Date: Tue, 8 Jun 2010 17:49:40 -0700 (PDT)
On Tue, 8 Jun 2010, Secunia Research wrote:
====================================================================== Secunia Research 08/06/2010 - Microsoft Excel Record Parsing Input Validation Vulnerability - ====================================================================== ====================================================================== 2) Severity Rating: Highly critical Impact: System compromise Where: Remote ====================================================================== 6) Time Table 04/12/2009 - Vendor notified. 04/12/2009 - Vendor response. 11/01/2010 - Status update requested. 12/01/2010 - Vendor provides status update. 30/03/2010 - Vendor provides status update. 27/04/2010 - Vendor provides status update. 26/05/2010 - Vendor provides status update. 08/06/2010 - Public disclosure.
15.75 months to respond to a critical vulnerability in one of the most widely used business applications the world has seen? w00t. -- Paul Heinlein <> heinlein () madboa com <> www.madboa.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability Secunia Research (Jun 08)
- Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability Paul Heinlein (Jun 08)
- Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability Nick FitzGerald (Jun 08)
- Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability Paul Heinlein (Jun 08)