5

CVE-2002-1143

Exploit
Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExcel Version2002
MicrosoftExcel Version2002 Updatesp1
MicrosoftExcel Version2002 Updatesp2
MicrosoftWord SwPlatformmac_os_x
MicrosoftWord Version97
MicrosoftWord Version97 Updatesr1
MicrosoftWord Version97 Updatesr2
MicrosoftWord Version98
MicrosoftWord Version98 SwPlatformmac_os_x
MicrosoftWord Version98 Langja
MicrosoftWord Version2000
MicrosoftWord Version2000 Updatesp2
MicrosoftWord Version2000 Updatesr1
MicrosoftWord Version2000 Updatesr1a
MicrosoftWord Version2001 SwPlatformmac_os_x
MicrosoftWord Version2002
MicrosoftWord Version2002 Updatesp1
MicrosoftWord Version2002 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 53.56% 0.989
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=103040003014999&w=2
Third Party Advisory
Mailing List
http://marc.info/?l=bugtraq&m=103252858816401&w=2
Third Party Advisory
Mailing List
http://www.iss.net/security_center/static/10008.php
Broken Link
http://www.iss.net/security_center/static/10155.php
Broken Link
http://www.kb.cert.org/vuls/id/899713
Third Party Advisory
US Government Resource
http://www.microsoft.com/technet/treeview/default.asp?url=/Technet/security/topics/secword.asp
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5586
Patch
Third Party Advisory
Vendor Advisory
Exploit
VDB Entry
http://www.securityfocus.com/bid/5764
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A202
Third Party Advisory