Security vulnerabilities related to the Windows 2000 operating system have been discovered by Microsoft, and are presented here as a courtesy to our customers. If any of the links do not function properly, contact our technical support team at . In the meantime, you can find all of the information listed below by navigating to www.microsoft.com.
 
MS02-044 : Unsafe Functions in Office Web Components (Q328130)
Date Posted - 2002/08/21
Date Revised - 2002/08/20
The Office Web Components (OWC) contain several ActiveX controls that give users limited functionality of Microsoft Office in a web browser without requiring that the user install the full Microsoft Office application. This allows users to utilize Microsoft Office applications in situations where installation of the full application is infeasible or undesirable.

The control contains three security vulnerabilities, each of which could be exploited either via a web site or an HTML mail. The vulnerabilities result from implementation errors in the following methods and functions the controls expose:

Host(). This function, by design, provides the caller with access to applications' object models on the user's system. By using the Host() function, an attacker could, for instance, open an Office application on the user's system and invoke commands there that would execute operating system commands as the user.

LoadText(). This method allows a web page to load text into a browser window. The method does check that the source of the text is in the same domain as the window, and in theory should restrict the page to only loading text that it hosts itself. However, it is possible to circumvent this restriction by specifying a text source located within the web page's domain, and then setting up a server-side redirect of that text to a file on the user's system. This would provide an attacker with a way to read any desired file on the user's system.

Copy()/Paste(). These methods allow text to be copied and pasted. A security vulnerability results because the method does not respect the 'disallow paste via script' security setting in IE. Thus, even if this setting had been selected, a web page could continue to access the copy buffer, and read any text that the user had copied or cut from within other applications.
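The LoadText() flaw described above comes down to validating the requested URL but not the URL that is finally read. The following is an added example, not Microsoft's code or the OWC implementation: it models that check beside one that validates every redirect hop. The hosts, paths, redirect table and function names are constructed assumptions, and no network or file access takes place.

```javascript
// Constructed stand-in for server responses: requested URL -> redirect target.
const REDIRECTS = new Map([
  ["http://site.example/news.txt", "http://site.example/archive/news.txt"],
  ["http://site.example/data.txt", "file:///C:/placeholder.txt"],
]);
const PAGE = "http://site.example/index.html"; // hypothetical hosting page

// Two URLs share an origin when scheme and host (including port) match.
function sameOrigin(a, b) {
  const ua = new URL(a);
  const ub = new URL(b);
  return ua.protocol === ub.protocol && ua.host === ub.host;
}

// Follow the simulated redirects and return every URL visited, in order.
function resolveChain(url, maxHops = 5) {
  const chain = [url];
  while (REDIRECTS.has(url)) {
    if (chain.length > maxHops) throw new Error("too many redirects");
    url = REDIRECTS.get(url);
    chain.push(url);
  }
  return chain;
}

// Flawed model: the origin check covers only the URL the page asked for,
// so whatever the redirect finally points at is read without a check.
function loadTextFlawed(pageUrl, sourceUrl) {
  if (!sameOrigin(pageUrl, sourceUrl)) return { allowed: false, finalUrl: null };
  const chain = resolveChain(sourceUrl);
  return { allowed: true, finalUrl: chain[chain.length - 1] };
}

// Checked model (one possible mitigation, not the vendor patch):
// every hop, including the final one, must stay in the page's origin.
function loadTextChecked(pageUrl, sourceUrl) {
  const chain = resolveChain(sourceUrl);
  const rejected = chain.find((u) => !sameOrigin(pageUrl, u));
  if (rejected) return { allowed: false, finalUrl: null, rejected };
  return { allowed: true, finalUrl: chain[chain.length - 1] };
}
```

A same-origin redirect (news.txt) passes both versions; only the checked version refuses the chain that leaves the page's origin.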

©2003-2008 Stasyx, Inc. All Rights Reserved.