{"api_version":"1","generated_at":"2026-04-23T17:14:54+00:00","cve":"CVE-2002-1339","urls":{"html":"https://cve.report/CVE-2002-1339","api":"https://cve.report/api/cve/CVE-2002-1339.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2002-1339","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2002-1339"},"summary":{"title":"CVE-2002-1339","description":"The \"XMLURL\" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.","state":"PUBLISHED","assigner":"mitre","published_at":"2002-12-18 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://security.greymagic.com/adv/gm008-ie/","name":"http://security.greymagic.com/adv/gm008-ie/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=101830175621193&w=2","name":"http://marc.info/?l=bugtraq&m=101830175621193&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2002-1339","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-1339","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2002","cve_id":"1339","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"office_web_components","cpe6":"2002","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T03:19:28.609Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://security.greymagic.com/adv/gm008-ie/"},{"name":"20020408 Multiple local files detection issues with OWC in IE (GM#008-IE)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=101830175621193&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2002-04-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"The \"XMLURL\" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://security.greymagic.com/adv/gm008-ie/"},{"name":"20020408 Multiple local files detection issues with OWC in IE (GM#008-IE)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=101830175621193&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2002-1339","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The \"XMLURL\" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://security.greymagic.com/adv/gm008-ie/","refsource":"MISC","url":"http://security.greymagic.com/adv/gm008-ie/"},{"name":"20020408 Multiple local files detection issues with OWC in IE (GM#008-IE)","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=101830175621193&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2002-1339","datePublished":"2002-12-11T05:00:00.000Z","dateReserved":"2002-12-03T00:00:00.000Z","dateUpdated":"2024-08-08T03:19:28.609Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2002-12-18 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_web_components:2002:*:*:*:*:*:*:*","matchCriteriaId":"316D6CD7-3B2B-499C-ADBE-088981DFD306"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2002","CveId":"1339","Ordinal":"1","Title":"CVE-2002-1339","CVE":"CVE-2002-1339","Year":"2002"},"notes":[{"CveYear":"2002","CveId":"1339","Ordinal":"1","NoteData":"The \"XMLURL\" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.","Type":"Description","Title":"CVE-2002-1339"},{"CveYear":"2002","CveId":"1339","Ordinal":"2","NoteData":"2002-12-11","Type":"Other","Title":"Published"},{"CveYear":"2002","CveId":"1339","Ordinal":"3","NoteData":"2016-10-17","Type":"Other","Title":"Modified"}]}}}