CVE-2002-1340

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Web Components
Vendor: CVE Published:; 18 December 2002

Summary

The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.

References

http://security.greymagic.com/adv/gm008-ie/

x_refsource_MISC

http://marc.info/?l=bugtraq&m=101830175621193&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 18, 2002
Vulnerability Reserved
Dec 3, 2002

Collectors

NVD DatabaseMitre Database