CVE-2000-0788

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:access:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*

History

20 Nov 2024, 23:33

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/1566 - Exploit, Vendor Advisory () http://www.securityfocus.com/bid/1566 - Exploit, Vendor Advisory
References () http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg - () http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/5322 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/5322 -

07 Nov 2023, 01:55

Type Values Removed Values Added
References
  • {'url': 'http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C@nat.bg', 'name': '20000807 MS Word and MS Access vulnerability - executing arbitrary programs, may be exploited by IE/Outlook', 'tags': ['Exploit', 'Vendor Advisory'], 'refsource': 'BUGTRAQ'}
  • () http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg -

Information

Published : 2000-10-20 04:00

Updated : 2024-11-20 23:33


NVD link : CVE-2000-0788

Mitre link : CVE-2000-0788

CVE.ORG link : CVE-2000-0788


JSON object : View

Products Affected

microsoft

  • access
  • word