PT-2002-1875 · Microsoft · Office Web Components

Published

2002-08-23

Updated

2018-10-12

CVE-2002-0861

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Office Web Components (OWC) versions 2000 and 2002

Description: The issue allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled. This can be achieved via the Copy method of the Cell object or the Paste method of the Range object.

Recommendations: For Microsoft Office Web Components (OWC) version 2000, consider disabling the Copy method of the Cell object and the Paste method of the Range object as a temporary workaround. For Microsoft Office Web Components (OWC) version 2002, consider disabling the Copy method of the Cell object and the Paste method of the Range object as a temporary workaround.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0861

Affected Products

Office Web Components

PT-2002-1875 · Microsoft · Office Web Components

CVE-2002-0861

Related Identifiers

Affected Products

References · 5