File Existence Disclosure Vulnerability in Office Web Components (OWC) 10

File Existence Disclosure Vulnerability in Office Web Components (OWC) 10

CVE-2002-1340 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.

Learn more about our Cis Benchmark Audit For Microsoft Office.