This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote installation of Microsoft Office is vulnerable to an
information disclosure flaw.
The remote host is running a version of Microsoft Office that is
subject to an information disclosure flaw.
When a user clicks on a special CDO URL, an attacker could inject a
client side script that could be used to disclose information.
To succeed, the attacker would have to send a rogue CDO URL to a user
of the remote computer and have it click it.
See also :
Microsoft has released a set of patches for Office XP.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true