5

CVE-2002-1143

Exploit

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftExcel Version2002
MicrosoftExcel Version2002 Updatesp1
MicrosoftExcel Version2002 Updatesp2
MicrosoftWord SwPlatformmac_os_x
MicrosoftWord Version97
MicrosoftWord Version97 Updatesr1
MicrosoftWord Version97 Updatesr2
MicrosoftWord Version98
MicrosoftWord Version98 SwPlatformmac_os_x
MicrosoftWord Version98 Langja
MicrosoftWord Version2000
MicrosoftWord Version2000 Updatesp2
MicrosoftWord Version2000 Updatesr1
MicrosoftWord Version2000 Updatesr1a
MicrosoftWord Version2001 SwPlatformmac_os_x
MicrosoftWord Version2002
MicrosoftWord Version2002 Updatesp1
MicrosoftWord Version2002 Updatesp2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 32.48% 0.964
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
http://marc.info/?l=bugtraq&m=103040003014999&w=2
Third Party Advisory
Mailing List
http://marc.info/?l=bugtraq&m=103252858816401&w=2
Third Party Advisory
Mailing List
http://www.kb.cert.org/vuls/id/899713
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/5586
Patch
Third Party Advisory
Vendor Advisory
Exploit
VDB Entry
http://www.securityfocus.com/bid/5764
Third Party Advisory
VDB Entry