CVE-2002-1339

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Web Components
Vendor: CVE Published:; 18 December 2002

Summary

The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.

References

http://security.greymagic.com/adv/gm008-ie/

x_refsource_MISC

http://marc.info/?l=bugtraq&m=101830175621193&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 18, 2002
Vulnerability Reserved
Dec 3, 2002

Collectors

NVD DatabaseMitre Database