CVE-2002-0861

Published Sep 24, 2002

Last updated 6 years ago

Overview

Description: Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:office_web_components:2000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A431CA59-8BD3-48CB-82BC-8FDCFE7440FA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office_web_components:2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "316D6CD7-3B2B-499C-ADBE-088981DFD306"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:project:2000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F09162C-01F0-4056-94D3-995713F92AE9"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AE2D3E0-49E4-410E-B63A-753BDE8995BB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References