Описание
Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2013:-:-:*:-:-:x64:*
cpe:2.3:a:microsoft:office:2013:-:-:*:-:-:x86:*
cpe:2.3:a:microsoft:office_2013_rt:-:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11415
Средний
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."
EPSS
Процентиль: 93%
0.11415
Средний
4.3 Medium
CVSS2
Дефекты
CWE-200