Vulnerability Details : CVE-2007-6329
Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fields, as demonstrated by the (1) LastModifiedBy and (2) creator fields in docProps/core.xml in the OOXML ZIP container.
Exploit prediction scoring system (EPSS) score for CVE-2007-6329
Probability of exploitation activity in the next 30 days: 10.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-6329
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
CWE ids for CVE-2007-6329
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-6329
Products affected by CVE-2007-6329
- cpe:2.3:a:microsoft:office:2007:12.0.6015.5000:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2007:12.0.6017.5000:*:*:*:*:*:*