Commit 345a996d53ef084212aa1661f76f13fd99843b74
1 parent
932d2469
rtfobj: added detection of the OLE2Link vulnerability CVE-2017-0199
Showing
1 changed file
with
2 additions
and
2 deletions
oletools/rtfobj.py
| @@ -69,7 +69,7 @@ http://www.decalage.info/python/oletools | @@ -69,7 +69,7 @@ http://www.decalage.info/python/oletools | ||
| 69 | # - fixed hex decoding bug in RtfObjParser (issue #103) | 69 | # - fixed hex decoding bug in RtfObjParser (issue #103) |
| 70 | # 2017-03-29 PL: - fixed RtfParser to handle issue #152 (control word with | 70 | # 2017-03-29 PL: - fixed RtfParser to handle issue #152 (control word with |
| 71 | # long parameter) | 71 | # long parameter) |
| 72 | -# 2017-04-11 PL: - added detection of the OLE2Link vulnerability | 72 | +# 2017-04-11 PL: - added detection of the OLE2Link vulnerability CVE-2017-0199 |
| 73 | 73 | ||
| 74 | __version__ = '0.51dev5' | 74 | __version__ = '0.51dev5' |
| 75 | 75 | ||
| @@ -716,7 +716,7 @@ def process_file(container, filename, data, output_dir=None, save_object=False): | @@ -716,7 +716,7 @@ def process_file(container, filename, data, output_dir=None, save_object=False): | ||
| 716 | # http://www.kb.cert.org/vuls/id/921560 | 716 | # http://www.kb.cert.org/vuls/id/921560 |
| 717 | if rtfobj.class_name == 'OLE2Link': | 717 | if rtfobj.class_name == 'OLE2Link': |
| 718 | ole_color = 'red' | 718 | ole_color = 'red' |
| 719 | - ole_column += '\nPossibly an exploit for the OLE2Link vulnerability (VU#921560, CVE-2017-TODO)' | 719 | + ole_column += '\nPossibly an exploit for the OLE2Link vulnerability (VU#921560, CVE-2017-0199)' |
| 720 | else: | 720 | else: |
| 721 | pkg_column = '' | 721 | pkg_column = '' |
| 722 | ole_column = 'Not a well-formed OLE object' | 722 | ole_column = 'Not a well-formed OLE object' |