File Detection Vulnerability in Office Web Components by Microsoft
CVE-2002-1340

Currently unrated

Key Information:

Vendor

Microsoft
Status
Office Web Components
Vendor
CVE Published:
18 December 2002

What is CVE-2002-1340?

The 'ConnectionFile' property within the DataSourceControl component of Office Web Components (OWC) 10 is vulnerable, enabling remote attackers to infer the existence of local files. This is achieved by provoking an exception when a requested file is not accessible, which can be exploited to gather information about the file structure on a user's system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security.greymagic.com/adv/gm008-ie/
x_refsource_MISC
http://marc.info/?l=bugtraq&m=101830175621193&w=2
mailing-listx_refsource_BUGTRAQ

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.