File Exposure Vulnerability in Office Web Components by Microsoft
CVE-2002-1339

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Web Components
Vendor: CVE Published:; 18 December 2002

Summary

The 'XMLURL' property in the Spreadsheet component of Microsoft Office Web Components 10 follows redirections, enabling remote attackers to exploit this behavior. By doing so, they can identify the existence of local files through exceptions and gain unauthorized access to WorkSheet XML files. This vulnerability poses a significant risk as it can expose sensitive information to potential attackers.

References

http://security.greymagic.com/adv/gm008-ie/

x_refsource_MISC

http://marc.info/?l=bugtraq&m=101830175621193&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 18, 2002
Vulnerability Reserved
Dec 3, 2002