Show filters
152 Total Results
Displaying 141-150 of 152
Sort by:
Attacker Value
Unknown

CVE-2002-0861

Disclosure Date: September 24, 2002 (last updated February 22, 2025)
Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.
0
Attacker Value
Unknown

CVE-2002-0618

Disclosure Date: August 12, 2002 (last updated February 22, 2025)
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".
0
Attacker Value
Unknown

CVE-2002-0616

Disclosure Date: August 12, 2002 (last updated February 22, 2025)
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."
0
Attacker Value
Unknown

CVE-2002-0617

Disclosure Date: August 12, 2002 (last updated February 22, 2025)
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
0
Attacker Value
Unknown

CVE-2002-0619

Disclosure Date: August 12, 2002 (last updated February 22, 2025)
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" (CVE-2000-0788).
0
Attacker Value
Unknown

CVE-2002-0615

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".
0
Attacker Value
Unknown

CVE-2001-0003

Disclosure Date: February 12, 2001 (last updated February 22, 2025)
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
0
Attacker Value
Unknown

CVE-2000-0854

Disclosure Date: November 14, 2000 (last updated February 22, 2025)
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
0
Attacker Value
Unknown

CVE-2000-0419

Disclosure Date: May 11, 2000 (last updated February 22, 2025)
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
0
Attacker Value
Unknown

CVE-2000-0088

Disclosure Date: January 20, 2000 (last updated February 22, 2025)
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
0