PT-2002-1875 · Microsoft · Office Web Components

Publicado

2002-08-23

Atualizado

2018-10-12

CVE-2002-0861

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Office Web Components (OWC) versions 2000 and 2002

Description: The issue allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled. This can be achieved via the Copy method of the Cell object or the Paste method of the Range object.

Recommendations: For Microsoft Office Web Components (OWC) version 2000, consider disabling the Copy method of the Cell object and the Paste method of the Range object as a temporary workaround. For Microsoft Office Web Components (OWC) version 2002, consider disabling the Copy method of the Cell object and the Paste method of the Range object as a temporary workaround.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0861

Produtos afetados

Office Web Components

PT-2002-1875 · Microsoft · Office Web Components

CVE-2002-0861

Identificadores relacionados

Produtos afetados

Referências · 5