Unrated severityNVD Advisory· Published Apr 11, 2003· Updated Jun 16, 2026
CVE-2002-1143
CVE-2002-1143
Description
Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2000:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2000:sr1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2000:sr1a:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2001:*:*:*:*:mac_os_x:*:*
- cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2002:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2002:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:97:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:97:sr1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:97:sr2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:98:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:98:*:*:ja:*:*:*:*
- cpe:2.3:a:microsoft:word:98:*:*:*:*:mac_os_x:*:*
- cpe:2.3:a:microsoft:word:*:*:*:*:*:mac_os_x:*:*
- (no CPE)
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
10- www.microsoft.com/technet/treeview/default.aspnvdPatchVendor Advisory
- www.securityfocus.com/bid/5586nvdExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- marc.infonvdMailing ListThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- www.kb.cert.org/vuls/id/899713nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/5764nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A202nvdThird Party Advisory
- www.iss.net/security_center/static/10008.phpnvdBroken Link
- www.iss.net/security_center/static/10155.phpnvdBroken Link
- docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-059nvd
News mentions
0No linked articles in our index yet.