Back to search
CVE-2007-6329
Published: Dec 13, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fields, as demonstrated by the (1) LastModifiedBy and (2) creator fields in docProps/core.xml in the OOXML ZIP container.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3443
third-party-advisory
x_refsource_SREASON
microsoftoffice-xml-weak-security(39021)
vdb-entry
x_refsource_XF
26833
vdb-entry
x_refsource_BID
20071212 MS Office 2007: Digital Signature does not protect Meta-Data
mailing-list
x_refsource_BUGTRAQ
44938
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now