The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=101829645415486&w=2 - | |
References | () http://www.iss.net/security_center/static/8777.php - Patch, Vendor Advisory | |
References | () http://www.osvdb.org/3006 - | |
References | () http://www.securityfocus.com/bid/4449 - | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044 - |
Information
Published : 2002-09-24 04:00
Updated : 2024-11-20 23:39
NVD link : CVE-2002-0727
Mitre link : CVE-2002-0727
CVE.ORG link : CVE-2002-0727
JSON object : View
Products Affected
microsoft
- project
- office_web_components
CWE