Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0597

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0597
Last Modified 10 Sep 2008 03:05:10
Published 27 Jun 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0597

Summary

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.

Vulnerable Systems

Application

  • Microsoft Excel 2000

  • Microsoft Powerpoint 2000

  • Microsoft Powerpoint 97


References

BUGTRAQ - 20000627 IE 5 and Excel 2000, PowerPoint 2000 vulnerability - executing programs

MS - MS00-049

BID - 1399


Last Updated: 27 May 2016 10:35:47