Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Content Manipulation with Certificate Validation Attack
Vulnerability Description
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
LibreOffice 数据伪造问题漏洞
Vulnerability Description
LibreOffice是文档基金会(The Document Foundation,tdf)的一套开源的办公软件套件。该产品包含Writer(文本文档)、Calc(电子表格)和Impress(演示文稿)等应用程序。 LibreOffice 存在数据伪造问题漏洞,该漏洞源于应用程序没有正确地检查ODF文件的数字签名。攻击者可利用该漏洞将文档中的签名算法更改为无效的(或LibreOffice未知的)算法,LibreOffice将错误地将这种使用未知算法的签名表示为可信人员签发的有效签名。
CVSS Information
N/A
Vulnerability Type
N/A