Vulnerability in N/a
CVE-2002-1143
Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEP…
EPSS: 0.536 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20020919 More vulnerabilities (Re: Security side-effects of Word fields) (mailing-list, x_refsource_BUGTRAQ)
- MS02-059 (x_refsource_MS, vendor-advisory)
- 5764 (vdb-entry, x_refsource_BID)
- word-includetext-read-files(10008) (vdb-entry, x_refsource_XF)
- word-includepicture-read-files(10155) (vdb-entry, x_refsource_XF)
- oval:org.mitre.oval:def:202 (signature, x_refsource_OVAL, vdb-entry)
- 5586 (vdb-entry, x_refsource_BID)
- VU#899713 (x_refsource_CERT-VN, third-party-advisory)
- 20020826 Security side-effects of Word fields (mailing-list, x_refsource_BUGTRAQ)
- www.microsoft.com/technet/treeview/default.asp (x_refsource_CONFIRM)