Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MS02-059 | First vendor Publication | N/A |
| Vendor | Microsoft | Last vendor Modification | N/A |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:202 | |||
| Oval ID: | oval:org.mitre.oval:def:202 | ||
| Title: | Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure | ||
| Description: | Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2002-1143 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Word 2000 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 10734 | Microsoft Word/Excel Shared Document INCLUDEPICTURE Field Arbitrary File Read |
| 10733 | Microsoft Word/Excel Shared Document INCLUDETEXT Field Arbitrary File Read |
