The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote malicious users to execute arbitrary commands via the setTimeout method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft project 2002 |
||
microsoft office web components 2000 |
||
microsoft office web components 2002 |