CVE-2002-0860 | Vulnerability Database | Aqua Security

The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file.

Affected Software

Name	Vendor	Start Version	End Version
Office_web_components	Microsoft	2000 (including)	2000 (including)
Office_web_components	Microsoft	2002 (including)	2002 (including)
Project	Microsoft	2000 (including)	2000 (including)
Project	Microsoft	2002 (including)	2002 (including)

References

http://marc.info/?l=bugtraq\u0026m=101829911018463\u0026w=2
http://www.iss.net/security_center/static/8778.php
http://www.osvdb.org/3007
http://www.securityfocus.com/bid/4453
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044
http://marc.info/?l=bugtraq\u0026m=101829911018463\u0026w=2
http://www.iss.net/security_center/static/8778.php
http://www.osvdb.org/3007
http://www.securityfocus.com/bid/4453
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0860
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html