CVE-2002-1339
First published: Wed Dec 11 2002(Updated: )
The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office Web Components | =2002 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-1339?
CVE-2002-1339 is considered a high severity vulnerability due to potential unauthorized access to local files.
How do I fix CVE-2002-1339?
To fix CVE-2002-1339, it is recommended to upgrade to a newer version of Microsoft Office Web Components or apply relevant security patches.
What is the impact of CVE-2002-1339?
The impact of CVE-2002-1339 includes the possibility for remote attackers to access local files and determine their existence.
Who is affected by CVE-2002-1339?
CVE-2002-1339 affects users of Microsoft Office Web Components version 2002.
What type of attack can be executed using CVE-2002-1339?
An attacker can exploit CVE-2002-1339 to read WorkSheet XML files or determine the existence of local files via redirection.
- collector/nvd-historical
- vendor/microsoft
- product/office web components
- canonical/microsoft office web components
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- version/microsoft office web components/2002