Lucene search

[email protected]NVD:CVE-2000-0788

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0788

2000-10-2004:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.

Affected configurations

Nvd

Node

microsoftaccessMatch2000

microsoftwordMatch2000

VendorProductVersionCPE
microsoftaccess2000cpe:2.3:a:microsoft:access:2000:*:*:*:*:*:*:*
microsoftword2000cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	access	2000	cpe:2.3:a:microsoft:access:2000:::::::*
microsoft	word	2000	cpe:2.3:a:microsoft:word:2000:::::::*

References

www.securityfocus.com/bid/1566

www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071

exchange.xforce.ibmcloud.com/vulnerabilities/5322

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON

Related for NVD:CVE-2000-0788

cve2 cvelist2 nvd1