CVE-2000-0765 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Excel

3 documents3 sources

Severity

5.1MEDIUMNVD

EPSS

10.7%

top 6.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel Microsoft Powerpoint Microsoft Word

Timeline

PublishedOct 20

Latest updateApr 30

Description

Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages3 packages

▶NVDmicrosoft/word2000

▶NVDmicrosoft/excel2000

▶NVDmicrosoft/powerpoint2000

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-rqm2-qh4g-xjjg: Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka↗2022-04-30

▶

CVEList

CVE-2000-0765: Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka↗2000-10-13

▶