-
Update clsid.py
-
ref: https://support.office.com/en-us/article/flash-silverlight-and-shockwave-controls-blocked-in-office-2016-55738f12-a01d-420e-a533-7cef1ff6aeb1
-
Csv formula extension
-
Update clsid.py (CVE-2018-8174)
-
CVE-2018-8174: https://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/ Uses the same technique as CVE-2017-0199 in the RTF document. URL Moniker ---> Media Negotiation(server returns content-type: text/html, CVE-2017-0199 server returns content-type: application/hta, which was already blocked by "IActivationFilter" in MSO.DLL) ---> HTML triggers a vulnerability in vbscript.dll(CVE-2018-8174)
-
remove a duplicated key
-
oleid: detect OpenXML encryption
-
msodde: Determine when error condition actually is one
-
msodde would sometimes complain that something should be an error condition. Determined that most of these are not and raise proper error for those that really are an error.
-
Fix AttributeError: 'str' object has no attribute 'decode'.
-
extract_macros() returns vba_code as bytes or string (string only for OpenXML/PPT -- open_text() decodes bytes to string). This way it is already implemented in process_file() and process_file_json(). Sample hash: 586DB43601FB55E89E67DFE569E1E9983779722ED47A8E1F23ADF54D04D3DF4B
-
Update oledir.py