CVE-1999-0354 — Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
3.1%
top 13.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet ExplorerMicrosoft Word
Timeline
PublishedNov 1
Latest updateApr 30

Description

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

â–¶NVDmicrosoft/word97
â–¶NVDmicrosoft/internet_explorer4.0, 5.0+1

🔴Vulnerability Details

2
GHSA
GHSA-qc45-j6qw-gcwq: Internet Explorer 4↗2022-04-30
â–¶
CVEList
CVE-1999-0354: Internet Explorer 4↗2000-02-04
â–¶
CVE-1999-0354 — Microsoft vulnerability | cvebase