CVE-2002-1340

Published: Dec 18, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.

Affected (1)

Products: Microsoft: Office Web Components

Microsoft

1 product

Office Web Components

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office Web Components	Version 2002

References (4)

http://marc.info/?l=bugtraq&m=101830175621193&w=2

Source: cve@mitre.org

http://security.greymagic.com/adv/gm008-ie/

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://marc.info/?l=bugtraq&m=101830175621193&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.greymagic.com/adv/gm008-ie/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

Timeline

No history available yet.