|
Full Disclosure
mailing list archives
Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability
From: Paul Heinlein <heinlein () madboa com>
Date: Tue, 8 Jun 2010 17:49:40 -0700 (PDT)
On Tue, 8 Jun 2010, Secunia Research wrote:
======================================================================
Secunia Research 08/06/2010
- Microsoft Excel Record Parsing Input Validation Vulnerability -
======================================================================
======================================================================
2) Severity
Rating: Highly critical
Impact: System compromise
Where: Remote
======================================================================
6) Time Table
04/12/2009 - Vendor notified.
04/12/2009 - Vendor response.
11/01/2010 - Status update requested.
12/01/2010 - Vendor provides status update.
30/03/2010 - Vendor provides status update.
27/04/2010 - Vendor provides status update.
26/05/2010 - Vendor provides status update.
08/06/2010 - Public disclosure.
15.75 months to respond to a critical vulnerability in one of the most
widely used business applications the world has seen? w00t.
--
Paul Heinlein <> heinlein () madboa com <> www.madboa.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
