CVE-2002-0727

Currently unrated

Key Information:

Vendor: Microsoft
Status: Project; Office Web Components
Vendor: CVE Published:; 24 September 2002

Summary

The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.osvdb.org/3006

vdb-entryx_refsource_OSVDB

http://www.iss.net/security_center/static/8777.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 24, 2002
Vulnerability Reserved
Jul 22, 2002