Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0628

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0628
Last Modified 05 Sep 2008 04:24:34
Published 14 Aug 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0628

Summary

Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user.

Vulnerable Systems

Application

  • Microsoft Word 2000


References

XF - word-asd-macro-execution(6614)

BID - 2760

MSKB - Q274228


Last Updated: 27 May 2016 10:36:20