CVE-2000-0419

3 documents3 sources

Severity

7.5HIGH

EPSS

10.9%

top 6.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Access Microsoft Excel Microsoft Frontpage +7 more

Timeline

PublishedMay 11

Latest updateApr 30

Description

The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages10 packages

▶NVDmicrosoft/office2000

▶NVDmicrosoft/photodraw_20001.0

▶NVDmicrosoft/word2000

▶NVDmicrosoft/excel2000

▶NVDmicrosoft/works2000

🔴Vulnerability Details

GHSA

GHSA-g5jc-xm45-6763: The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show M↗2022-04-30

▶

CVEList

CVE-2000-0419: The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show M↗2000-07-12

▶