CVE-2002-0861

Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.

Published: Sep 24, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0861
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / project	2000	2000.x
microsoft / project	2002	2002.x
microsoft / office_web_components	2002	2002.x
microsoft / office_web_components	2000	2000.x

http://marc.info/?l=bugtraq&m=101829726516346&w=2
http://www.iss.net/security_center/static/8779.php
http://www.securityfocus.com/bid/4457
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044

Vulnerability Database

289,599

CVE-2002-0861