333 matches found
Microsoft Office Web Components allows reading of local files via "LoadText" method by using URL redirection
Overview The Microsoft Office Web Components allow a remote attacker to read arbitrary files. Description The Microsoft Office Web Components OWC are ActiveX controls that can be embedded in web pages. These controls give users of a website limited Microsoft Office functionality, without having t...
CVE-2002-0861
CVE-2002-0861 affects Microsoft Office Web Components (OWC) 2000 and 2002. The vulnerability arises from a bypass of the setting “Allow paste operations via script,” allowing a remote attacker to paste via script despite the setting being disabled. The issue is triggered through the (1) Copy meth...
CVE-2002-0861
Microsoft Office Web Components OWC 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the 1 Copy method of the Cell object or 2 the Paste method of the Range object...
Microsoft Office Web Components unauthorized access
A number of unsafe functions...
ISS Security Brief: Multiple Vulnerabilities in Microsoft Office Web Components
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Aler...
Security Bulletin MS02-044 : Unsafe Functions in Office Web Components (Q328130)
---------------------------------------------------------------------- Title: Unsafe Functions in Office Web Components Q328130 Date: 21 August 2002 Software: Office Web Components, Office, BackOffice Server, BizTalk Server, Commerce Server, ISA Server, Money, Microsoft Project, Microsoft Project...
CVE-2002-0621
Buffer overflow in the Office Web Components OWC package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer...
CVE-2002-0622
The Office Web Components OWC package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution"...
Controlling the clipboard with OWC in IE (GM#007-IE)
GreyMagic Security Advisory GM007-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm007-ie/. Topic: Controlling the clipboard with OWC in IE. Discovery date: 24 Feb 2002. Affected applications:...
Reading local files with OWC in IE (GM#006-IE)
GreyMagic Security Advisory GM006-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm006-ie/. Topic: Reading local files with OWC in IE. Discovery date: 24 Feb 2002. Affected applications:...
Multiple bugs in Office Web Components
Script execution, access to local files and clipboard...
Multiple local files detection issues with OWC in IE (GM#008-IE)
GreyMagic Security Advisory GM008-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm008-ie/. Topic: Multiple local files detection issues with OWC in IE. Discovery date: 25 Feb 2002, 05 Mar 2002...
Scripting for the scriptless with OWC in IE (GM#005-IE)
GreyMagic Security Advisory GM005-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm005-ie/. Topic: Scripting for the scriptless with OWC in IE. Discovery date: 10 Mar 2002. Affected applications:...
Update Rollup for Lync Server 2013 Web Components Server (KB3126638)
Update Rollup for Lync Server 2013 Web Components Server KB3126638...
Update Rollup for Lync Server 2013 Web Components Server (KB3175333)
Update Rollup for Lync Server 2013 Web Components Server KB3175333...
Security update 1970-01-01
...
Security update 1970-01-01
...
Security update 1970-01-01
...
Security update 1970-01-01
...
Security update 1970-01-01
...