Microsoft Office 2007是一款微软开发的流行的办公处理应用程序。
Microsoft Office 2007不安全对基于XML文档的签名,远程攻击者可以利用漏洞伪造签名,使目标用户盲目信任文档。
Microsoft Office文档根据文件中docProps/core.xml的DublinCore metadata来携带META数据信息,在这些META数据信息中"LastModifiedBy", "creator"字段可通过"Office Button -> Prepare -> Properties"菜单来显示/更改。这些条目更改时没有任何签名验证,至少在Windows操作系统下这些信息仍旧显示在Windows的文件系统属性中。
Microsoft Office 2007 0
+ Microsoft Access 2007 0
+ Microsoft Access 2007 0
+ Microsoft Communicator 2007 0
+ Microsoft Communicator 2007 0
+ Microsoft Excel 2003
+ Microsoft Excel 2007 0
+ Microsoft Excel 2007 0
+ Microsoft FrontPage 2003
+ Microsoft Groove 2007 0
+ Microsoft Groove 2007 0
+ Microsoft InfoPath 2003
+ Microsoft InfoPath 2007 0
+ Microsoft InfoPath 2007 0
+ Microsoft Office Word 2007 0
+ Microsoft Office Word 2007 0
+ Microsoft OneNote 2003 0
+ Microsoft Outlook 2003 0
+ Microsoft Outlook 2007 0
+ Microsoft Outlook 2007 0
+ Microsoft PowerPoint 2003 0
+ Microsoft PowerPoint 2007 0
+ Microsoft PowerPoint 2007 0
+ Microsoft Project Professional 2007 0
+ Microsoft Project Professional 2007 0
+ Microsoft Project Standard 2007 0
+ Microsoft Project Standard 2007 0
+ Microsoft Publisher 2003
+ Microsoft Publisher 2007 0
+ Microsoft Publisher 2007 0
+ Microsoft SharePoint Designer 2007 0
+ Microsoft SharePoint Designer 2007 0
+ Microsoft Visio Professional 2007 0
+ Microsoft Visio Professional 2007 0
+ Microsoft Visio Standard 2007 0
+ Microsoft Visio Standard 2007 0
+ Microsoft Word 2003
目前没有详细解决方案提供:
<a href=http://www.microsoft.com/office/ target=_blank>http://www.microsoft.com/office/</a>
京公网安备 11010502034610号
暂无评论