Lucene search

[email protected]CVE-2002-0861

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-0861

2002-09-2404:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0861

microsoft office

web components

owc

security vulnerability

nvd

remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.9%

JSON

Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the “Allow paste operations via script” setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.

Affected configurations

NVD

Node

microsoftoffice_web_componentsMatch2000

microsoftoffice_web_componentsMatch2002

microsoftprojectMatch2000

microsoftprojectMatch2002

CPENameOperatorVersion
microsoft:office_web_componentsmicrosoft office web componentseq2000
microsoft:office_web_componentsmicrosoft office web componentseq2002
microsoft:projectmicrosoft projecteq2000
microsoft:projectmicrosoft projecteq2002

CPE	Name	Operator	Version
microsoft:office_web_components	microsoft office web components	eq	2000
microsoft:office_web_components	microsoft office web components	eq	2002
microsoft:project	microsoft project	eq	2000
microsoft:project	microsoft project	eq	2002

References

marc.info/?l=bugtraq&m=101829726516346&w=2

www.iss.net/security_center/static/8779.php

www.securityfocus.com/bid/4457

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.9%

JSON

Related for CVE-2002-0861

cvelist1 nvd1