Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Timestamp Manipulation with Signature Wrapping
Vulnerability Description
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
LibreOffice 信任管理问题漏洞
Vulnerability Description
LibreOffice是文档基金会(The Document Foundation,tdf)的一套开源的办公软件套件。该产品包含Writer(文本文档)、Calc(电子表格)和Impress(演示文稿)等应用程序。 LibreOffice存在信任管理问题漏洞,该漏洞源于应用程序未正确检查ODF文件的数字签名。攻击者可利用该漏洞将文档中的签名算法更改为无效的(或LibreOffice未知的)算法,LibreOffice将错误地将这种使用未知算法的签名表示为可信人员签发的有效签名。
CVSS Information
N/A
Vulnerability Type
N/A