CVE-2002-1716 - The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote atta

CVE-2002-1716

Summary

The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability.

References

http://online.securityfocus.com/archive/1/265087
http://www.guninski.com/m$oxp-2.html
http://www.securityfocus.com/bid/4398
https://exchange.xforce.ibmcloud.com/vulnerabilities/8711

Vulnerable Configurations

cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 07-03-2023 - 18:23)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:P/A:N

refmap via4

bid	4398
bugtraq	20020331 More Office XP problems
misc	http://www.guninski.com/m$oxp-2.html
xf	msoffice-spreadsheet-host-cas(8711)

Last major update

07-03-2023 - 18:23

Published

31-12-2002 - 05:00

Last modified

07-03-2023 - 18:23