← CVECheck
HomeVulnerabilities

CVE-2002-1143 — MEDIUM severity vulnerability (Microsoft Word and Excel allow remote attackers to steal sen)

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Informa

CVE IDCVE-2002-1143
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2003-04-11
Last modified2026-04-16
DescriptionMicrosoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →