CVE-2000-0597

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.

Published: Jun 27, 2000
Updated: Nov 8, 2023
CVE: CVE-2000-0597
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / powerpoint	2000	2000.x
microsoft / excel	2000	2000.x
microsoft / powerpoint	97	97.x

http://www.securityfocus.com/bid/1399
http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB%40nat.bg
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049

Vulnerability Database

289,599

CVE-2000-0597