CVE-2002-1338

Name of the Vulnerable Software and Affected Versions: Office Web Components (OWC) versions 9 through 10

Description: The issue concerns the Load method in the Chart component, which generates an exception when a specified file does not exist. This allows remote attackers to determine the existence of local files.

Recommendations: For Office Web Components (OWC) versions 9 through 10, consider restricting access to the Chart component's Load method to minimize the risk of exploitation. As a temporary workaround, avoid using the Load method with unverified file paths until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.