First published: Thu May 11 2000(Updated: )
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Access 2010 | =2000 | |
Microsoft Office Excel | =2000 | |
Microsoft Office FrontPage | =2000 | |
Microsoft Office | =2000 | |
Microsoft Outlook | =2000 | |
Microsoft PhotoDraw 2000 | =1.0 | |
Microsoft PowerPoint 2010 | =2000 | |
Microsoft Project 2010 | =2000 | |
Microsoft Office Word | =2000 | |
Microsoft Works Suite | =2000 | |
=2000 | ||
=2000 | ||
=2000 | ||
=2000 | ||
=2000 | ||
=1.0 | ||
=2000 | ||
=2000 | ||
=2000 | ||
=2000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2000-0419 is classified as a high severity vulnerability due to its potential for unauthorized remote access.
To fix CVE-2000-0419, it is recommended to apply the latest security updates and patches provided by Microsoft for the affected Office 2000 applications.
CVE-2000-0419 affects multiple Microsoft Office 2000 products including Word, Excel, PowerPoint, and Access among others.
Yes, CVE-2000-0419 can be exploited remotely by attackers through the vulnerable ActiveX Control in Office Help.
In the context of CVE-2000-0419, being 'safe for scripting' means that the ActiveX Control can be manipulated by web content to perform functions without proper security checks, thereby increasing the risk of exploitation.