Microsoft Word and Excel documents allow local file reading by via embedded fields

2002-10-17T00:00:00
ID VU:899713
Type cert
Reporter CERT
Modified 2002-10-28T00:00:00

Description

Overview

Microsoft Word and Excel contain special encoding tags for formatting and updating content. An attacker may be able to use these tags to exploit an information disclosure vulnerability.

Description

Microsoft Word and Microsoft Excel are applications that ship as part of the Microsoft Office distribution. Microsoft Word (all versions) and Microsoft Excel 2002 contain special encoding tags that can be used to update or include text in a document or spreadsheet. In Microsoft Word, these tags are known as field codes. In Microsoft Excel, they are known as external updates. Some of these tags can enable an attacker to embed local information into a document and have it returned via a web site. Likewise, if the victim were to open a document and then return it to the attacker, sensitive information could be included in the document. In order to successfully exploit this vulnerability, the attacker would have to know the path of the target file, and trick the victim into opening the malicious document.


Impact

An attacker may be able to gather sensitive data stored on the victim's machine.


Solution

Microsoft has release Security Bulletin MS02-059 to address this vulnerability.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Microsoft Corporation| | -| 17 Oct 2002
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.securitybugware.org/NT/5662.html>
  • <http://www.microsoft.com/technet/security/bulletin/MS02-059.asp>

Credit

Thanks to Microsoft and Alex Gantman for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: CAN-2002-1143
  • Date Public: 27 Aug 2002
  • Date First Published: 17 Oct 2002
  • Date Last Updated: 28 Oct 2002
  • Severity Metric: 0.61
  • Document Revision: 17