Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft OWC可导致Active脚本执行漏洞
Vulnerability Description
Microsoft Office Web Components (OWC)是一套ActiveX对象,使用Spreadsheets、Charts、Pivot tables等提供WEB页面更丰富的HTML文档形式。OWC在OFFCIE2000和OFFICE XP下都默认安装,也可以独立的下载使用。 Microsoft Office Web Components (OWC10)中在处理Spreadsheet组件中的"HOST()"规则存在漏洞,可导致攻击者即使在关闭脚本代码执行设置情况下仍旧可以执行Active
CVSS Information
N/A
Vulnerability Type
N/A