123elf Project Buffer Overflow

CVE Category Price Severity
Author Risk Exploitation Type Date
ExploitMaster High Remote 2022-09-06
Not available

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

123elf Project Buffer Overflow
# About

The 123 command is a spreadsheet application for UNIX-based systems that
can be used in interactive mode to create and modify financial and
scientific models.

For more information, see

# Advisory

A stack buffer overflow was reported in the cell format processing
routines. If a victim opens an untrusted malicious worksheet, code
execution could occur.

There have been no reports of this vulnerability being exploited in the wild.

We take your security very seriously, in fact, this is the first known
vulnerability reported in Lotus 1-2-3 R3 since it's release in September

# Credit

This issue was reported to the 123elf project by dbastone.

# Solution

A new release has been prepared to resolve this issue, we recommend
affected users upgrade immediately.

Lotus 1-2-3 releases for other platforms are affected, but are not
actively maintained. MS-DOS, OS/2, OpenVMS, z/OS and SysV/386 users are
advised to migrate to Linux to continue receiving updates.

 _o)            $ lynx
 /\\  _o)  _o)  $ finger [email protected]
_\_V _( ) _( )  @taviso

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.