First published: Tue Sep 24 2002(Updated: )
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Project | =2002 | |
Microsoft Office Web Components | =2002 | |
Microsoft Office Web Components | =2000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.