CVE-2002-1143: Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is…

CVE-2002-1143 [MEDIUM] GHSA-5jm3-4wj9-623c: Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document i Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."

CVE-2002-1143 Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure --- source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat. If the INCLUDEPICTURE Field Code is included in a document and references a URL, it may be possible for the attacker to obtain contents of files on the victim user's system. It is possible for an attacker to abuse this functionality in a situation where documents are constantly being shared and updated. An attacker can potentially exploit this vulnerability to obtain the contents of files residing on a victim user's system. { INCLUDEPICTURE { QUOTE "http:\\www.alic

CVE-2002-1143 Microsoft Word 95/97/98/2000/2002 / Excel 2002 - INCLUDETEXT Document Sharing File Disclosure Microsoft Word 95/97/98/2000/2002 / Excel 2002 - INCLUDETEXT Document Sharing File Disclosure --- source: https://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. If the INCLUDETEXT Field Code is included in a document and references a file on the local system of the recipient, then the file will also be included when the document is sent out. It is possible for an attacker to abuse this functionality in a situation where documents are constantly being shared and updated. The recipient of the malicious document must still pass along the updated version of the document for the attacker to re

An (un)documented Word feature abused by attackers Authors - Alexander Liskin - Anton Ivanov - Andrey Kryukov A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. However, a close inspection revealed that they contained several links to PHP scripts located on third-party web resources. When we attempted to open these files in Microsoft Word, we found that the application addressed one of the links. As a result, the attackers received information about the software installed on the computer. What did the bad guys want with that information? Well, to ensure a targeted attack is successful, intelligence first need