The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/1566 - Exploit, Vendor Advisory | |
References | () http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg - | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/5322 - |
Information
Published : 2000-10-20 04:00
Updated : 2024-11-20 23:33
NVD link : CVE-2000-0788
Mitre link : CVE-2000-0788
CVE.ORG link : CVE-2000-0788
JSON object : View
Products Affected
microsoft
- word
- access
CWE