CVE-2002-1339

The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.

Published: Dec 18, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1339
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / office_web_components	2002	2002.x

http://marc.info/?l=bugtraq&m=101830175621193&w=2
http://security.greymagic.com/adv/gm008-ie/

Vulnerability Database

289,599

CVE-2002-1339