XMLURL Property Redirection Vulnerability in Office Web Components (OWC) 10

XMLURL Property Redirection Vulnerability in Office Web Components (OWC) 10

CVE-2002-1339 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.

Learn more about our Cis Benchmark Audit For Microsoft Office.