Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2002-1143

Published: 11/04/2003 Updated: 12/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Microsoft

Vulnerability Summary

Microsoft Word and Excel allow remote malicious users to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft excel 2002

microsoft word 2000

microsoft word

microsoft word 97

microsoft word 98

microsoft word 2002

microsoft word 2001

Exploits

Exploit DB: Microsoft Word 95/97/98/2000/2002 / Excel 2002 - INCLUDETEXT Document Sharing File Disclosure
source: wwwsecurityfocuscom/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat If the INCLUDETEXT Field Code is included in a document and references a file on the l ...
Exploit DB: Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure
source: wwwsecurityfocuscom/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat If the INCLUDEPICTURE Field Code is included in a document and references a URL, it may be possible for the attack ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/5586http://www.iss.net/security_center/static/10008.phphttp://www.microsoft.com/technet/treeview/default.asp?url=/Technet/security/topics/secword.asphttp://www.securityfocus.com/bid/5764http://www.iss.net/security_center/static/10155.phphttp://www.kb.cert.org/vuls/id/899713http://marc.info/?l=bugtraq&m=103252858816401&w=2http://marc.info/?l=bugtraq&m=103040003014999&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A202https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-059https://nvd.nist.govhttps://www.exploit-db.com/exploits/21764/https://www.kb.cert.org/vuls/id/899713
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook