nvd-json-data-feeds/CVE-2002/CVE-2002-13xx/CVE-2002-1339.json

{
  "id": "CVE-2002-1339",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2002-12-18T05:00:00.000",
  "lastModified": "2016-10-18T02:26:05.520",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "The \"XMLURL\" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files."
    },
    {
      "lang": "es",
      "value": "La propiedad \"XMLURL\" en el componente Hoja de C\u00e1lculo (Spreadsheet) de Office Web Components (OWC) 10 sigue redirecciones, lo que permite a atacantes remotos determinar la existencia de ficheros locales basado en excepciones, o leer ficheros XML Hoja de Trabajo (WorkSheet)."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office_web_components:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "316D6CD7-3B2B-499C-ADBE-088981DFD306"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://marc.info/?l=bugtraq&m=101830175621193&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://security.greymagic.com/adv/gm008-ie/",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}