CVE-2002-0727
First published: Tue Sep 24 2002(Updated: )
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Project 2013 | =2002 | |
| Microsoft Office Web Components | =2002 | |
| Microsoft Office Web Components | =2000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0727?
CVE-2002-0727 is considered a high severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2002-0727?
To fix CVE-2002-0727, users should apply the latest security patches provided by Microsoft for Office Web Components.
What systems are affected by CVE-2002-0727?
CVE-2002-0727 affects Microsoft Office Web Components 2000 and 2002, as well as Microsoft Project 2002.
What type of vulnerability is CVE-2002-0727?
CVE-2002-0727 is a remote code execution vulnerability that allows attackers to run arbitrary commands.
Can CVE-2002-0727 be exploited through a web application?
Yes, CVE-2002-0727 can be exploited through a web application that utilizes the vulnerable OWC components.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/microsoft
- canonical/microsoft project 2013
- version/microsoft project 2013/2002
- canonical/microsoft office web components
- version/microsoft office web components/2002
- version/microsoft office web components/2000