Vulnerability Description
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Access | 2000 |
| Microsoft | Excel | 2000 |
| Microsoft | Frontpage | 2000 |
| Microsoft | Office | 2000 |
| Microsoft | Outlook | 2000 |
| Microsoft | Photodraw 2000 | 1.0 |
| Microsoft | Powerpoint | 2000 |
| Microsoft | Project | 2000 |
| Microsoft | Word | 2000 |
| Microsoft | Works | 2000 |
References
- http://www.cert.org/advisories/CA-2000-07.htmlUS Government Resource
- http://www.microsoft.com/technet/support/kb.asp?ID=262767
- http://www.securityfocus.com/bid/1197
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-03
- http://www.cert.org/advisories/CA-2000-07.htmlUS Government Resource
- http://www.microsoft.com/technet/support/kb.asp?ID=262767
- http://www.securityfocus.com/bid/1197
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-03
FAQ
What is CVE-2000-0419?
CVE-2000-0419 is a vulnerability with a CVSS score of 7.5 (HIGH). The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 U...
How severe is CVE-2000-0419?
CVE-2000-0419 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0419?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Access, Microsoft Excel, Microsoft Frontpage, Microsoft Office, Microsoft Outlook.