CVE-2002-1143

Microsoft Word/Excel - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-1143. PoCs published by Richard Edwards, Alex Gantman.

AI-analyzed exploit summary This exploit leverages the INCLUDEPICTURE Field Code in Microsoft Word to exfiltrate local file contents or user information by embedding malicious URLs in a document. The vulnerability allows an attacker to craft a document that, when processed, sends sensitive data to a remote server.

Description

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."

Exploits (2)

exploitdb WORKING POC VERIFIED
by Richard Edwards · textremotewindows
https://www.exploit-db.com/exploits/21812

This exploit leverages the INCLUDEPICTURE Field Code in Microsoft Word to exfiltrate local file contents or user information by embedding malicious URLs in a document. The vulnerability allows an attacker to craft a document that, when processed, sends sensitive data to a remote server.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Word (versions affected by CVE-2002-1143)
No auth needed
Prerequisites: Victim must open the malicious Word document · Attacker must control a server to receive exfiltrated data
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Alex Gantman · textremotewindows
https://www.exploit-db.com/exploits/21764

This is a writeup describing the abuse of the INCLUDETEXT Field Code in Microsoft Word and Excel to exfiltrate local files. It provides a field structure example to steal file contents but does not include executable exploit code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Word and Excel (versions affected by CVE-2002-1143)
No auth needed
Prerequisites: Victim must open the malicious document · Document must be shared back with the attacker
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103252858816401&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5764
Broken Link vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10008.php
Broken Link vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10155.php
Third Party Advisory vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A202
Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5586
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/899713
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103040003014999&w=2

Scores

EPSS 0.5356
EPSS Percentile 98.9%

Details

Status published
Products (7)
microsoft/excel 2002 (3 CPE variants)
microsoft/word
microsoft/word 97 (3 CPE variants)
microsoft/word 98 (3 CPE variants)
microsoft/word 2000 (4 CPE variants)
microsoft/word 2001
microsoft/word 2002 (3 CPE variants)
Published Apr 11, 2003
Tracked Since Feb 18, 2026