Arbitrary File Reading Vulnerability in Microsoft Office Web Components (OWC)

Arbitrary File Reading Vulnerability in Microsoft Office Web Components (OWC)

CVE-2002-0860 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file.

Learn more about our Cis Benchmark Audit For Microsoft Office.