mailing list archives
Re: Secunia Research: Microsoft Excel Record Parsing Input Validation Vulnerability
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 09 Jun 2010 15:23:47 +1200
Paul Heinlein wrote:
04/12/2009 - Vendor notified.
04/12/2009 - Vendor response.
11/01/2010 - Status update requested.
12/01/2010 - Vendor provides status update.
30/03/2010 - Vendor provides status update.
27/04/2010 - Vendor provides status update.
26/05/2010 - Vendor provides status update.
08/06/2010 - Public disclosure.
15.75 months to respond to a critical vulnerability in one of the most
widely used business applications the world has seen? w00t.
Ummmm -- your US-centric view of dates is showing rather obviously,
unless you can explain the unexpected appearance of a 27th month this
year -- one that, even more oddly, cam after the 30th month and before
the 26th, which itself came before the 8th month which itself has come
before we've reached the middle of the June, the 6th month...
Or maybe your US-centric view of dates coupled with your loathing of MS
blinded you to your date inadequacies?
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/