CVE-2000-0419
First published: Thu May 11 2000(Updated: )
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Access 2010 | =2000 | |
| Microsoft Office Excel | =2000 | |
| Microsoft Office FrontPage | =2000 | |
| Microsoft Office | =2000 | |
| Microsoft Outlook | =2000 | |
| Microsoft PhotoDraw 2000 | =1.0 | |
| Microsoft PowerPoint 2010 | =2000 | |
| Microsoft Project 2010 | =2000 | |
| Microsoft Office Word | =2000 | |
| Microsoft Works Suite | =2000 | |
| =2000 | ||
| =2000 | ||
| =2000 | ||
| =2000 | ||
| =2000 | ||
| =1.0 | ||
| =2000 | ||
| =2000 | ||
| =2000 | ||
| =2000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0419?
CVE-2000-0419 is classified as a high severity vulnerability due to its potential for unauthorized remote access.
How do I fix CVE-2000-0419?
To fix CVE-2000-0419, it is recommended to apply the latest security updates and patches provided by Microsoft for the affected Office 2000 applications.
What are the affected products in CVE-2000-0419?
CVE-2000-0419 affects multiple Microsoft Office 2000 products including Word, Excel, PowerPoint, and Access among others.
Can CVE-2000-0419 be exploited remotely?
Yes, CVE-2000-0419 can be exploited remotely by attackers through the vulnerable ActiveX Control in Office Help.
What does it mean for an ActiveX Control to be marked as 'safe for scripting' in CVE-2000-0419?
In the context of CVE-2000-0419, being 'safe for scripting' means that the ActiveX Control can be manipulated by web content to perform functions without proper security checks, thereby increasing the risk of exploitation.
- agent/references
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/microsoft
- canonical/microsoft access 2010
- version/microsoft access 2010/2000
- canonical/microsoft office excel
- version/microsoft office excel/2000
- canonical/microsoft office frontpage
- version/microsoft office frontpage/2000
- canonical/microsoft office
- version/microsoft office/2000
- canonical/microsoft outlook
- version/microsoft outlook/2000
- canonical/microsoft photodraw 2000
- version/microsoft photodraw 2000/1.0
- canonical/microsoft powerpoint 2010
- version/microsoft powerpoint 2010/2000
- canonical/microsoft project 2010
- version/microsoft project 2010/2000
- canonical/microsoft office word
- version/microsoft office word/2000
- canonical/microsoft works suite
- version/microsoft works suite/2000