Lucene search

[email protected]CVE-2001-0240

HistorySep 18, 2001 - 4:00 a.m.

CVE-2001-0240

2001-09-1804:00:00

[email protected]

web.nvd.nist.gov

microsoft word

word 2002

attackers

execute macros

rtf document

user alert

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.5%

JSON

Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.

Affected configurations

NVD

Node

microsoftwordMatch97

microsoftwordMatch98mac_os_x

microsoftwordMatch98ja

microsoftwordMatch2000

microsoftwordMatch2001mac_os_x

CPENameOperatorVersion
microsoft:wordmicrosoft wordeq97
microsoft:wordmicrosoft wordeq98
microsoft:wordmicrosoft wordeq2000
microsoft:wordmicrosoft wordeq2001

CPE	Name	Operator	Version
microsoft:word	microsoft word	eq	97
microsoft:word	microsoft word	eq	98
microsoft:word	microsoft word	eq	2000
microsoft:word	microsoft word	eq	2001

References

www.securityfocus.com/bid/2753

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-028

exchange.xforce.ibmcloud.com/vulnerabilities/6571

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.5%

JSON

Related for CVE-2001-0240

nvd1 cvelist1 cert1