CVE-2000-0854
First published: Tue Nov 14 2000(Updated: )
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0854?
CVE-2000-0854 is considered to have a high severity due to its potential for arbitrary code execution.
How do I fix CVE-2000-0854?
To fix CVE-2000-0854, ensure that Microsoft Office 2000 is updated with the latest security patches from Microsoft.
What types of exploits are associated with CVE-2000-0854?
Exploits associated with CVE-2000-0854 typically involve placing a Trojan Horse DLL in the same directory as an Office document.
Which versions of Microsoft Office are affected by CVE-2000-0854?
CVE-2000-0854 specifically affects Microsoft Office 2000.
Can CVE-2000-0854 affect other operating systems?
CVE-2000-0854 primarily impacts Windows systems where Microsoft Office 2000 is installed.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2000