CVE-2002-0861

critical

Description

Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044

http://www.securityfocus.com/bid/4457

http://www.iss.net/security_center/static/8779.php

http://marc.info/?l=bugtraq&m=101829726516346&w=2

Details

Source: Mitre, NVD

Published: 2002-09-24

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.06153

Detections

Analytics