Closed
Description
This was reported to info@thinkst.com 5 days ago. Please confirm and fix these issues, also I'd really like a version number.
Reported by Gionathan Armando Reale
CVE-2019-9768
#####################################################################
Identification:
Due to size/metadata/timestamp being very limited in variation it is easily possible to detect which Word documents are likely to contain CanaryTokens.
Detection Bypass:
Opening a Word document containing a CanaryToken using Protected View will allow you to view the file without triggering the CanaryToken. Opening the Word document with Libreoffice Writer 6.x.x.x will allow you to view the file without triggering the CanaryToken. Other document viewers may also bypass detection.
Metadata
Metadata
Assignees
Labels
No labels