CVE-2002-0727

CVE Database · CVE-2002-0727

CVE-2002-0727

· N/AModified

CVSS v3.1

N/A

EPSS

18.85%

Published

Sep 24, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.

Affected Products (3)

microsoft · office_web_componentsvulnerable

microsoft · projectvulnerable

References (10)

http://marc.info/?l=bugtraq&m=101829645415486&w=2

http://www.iss.net/security_center/static/8777.php

PatchVendor Advisory

http://www.osvdb.org/3006

http://www.securityfocus.com/bid/4449

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-044