CVE-2002-1339

Published: Dec 18, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.

Affected (1)

Products: Microsoft: Office Web Components

Microsoft

1 product

Office Web Components

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office Web Components	Version 2002

References (4)

http://marc.info/?l=bugtraq&m=101830175621193&w=2

Source: cve@mitre.org

http://security.greymagic.com/adv/gm008-ie/

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://marc.info/?l=bugtraq&m=101830175621193&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.greymagic.com/adv/gm008-ie/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

Timeline

No history available yet.