Lucene search

[email protected]CVE-1999-0354

HistoryNov 01, 1999 - 5:00 a.m.

CVE-1999-0354

1999-11-0105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

internet explorer

word 97

visual basic

outlook

executable content

cve-1999-0354

nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.2%

JSON

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn’t warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.

CPENameOperatorVersion
microsoft:wordmicrosoft wordeq97
microsoft:internet_explorermicrosoft internet explorereq4.0
microsoft:internet_explorermicrosoft internet explorereq5.0

CPE	Name	Operator	Version
microsoft:word	microsoft word	eq	97
microsoft:internet_explorer	microsoft internet explorer	eq	4.0
microsoft:internet_explorer	microsoft internet explorer	eq	5.0

References

docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-002

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.2%

JSON

Related for CVE-1999-0354

cvelist1