Описание
Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office_web_components:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_components:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06153
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.
EPSS
Процентиль: 91%
0.06153
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other