CVE-2000-0597

Published: Jun 27, 2000Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.

Affected (3)

Products: Microsoft: Excel, Powerpoint

2 products

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Excel	Version 2000
Microsoft Powerpoint	Version 2000
Microsoft Powerpoint	Version 97

References (6)

http://www.securityfocus.com/bid/1399

Source: cve@mitre.org

http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB%40nat.bg

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049

Source: cve@mitre.org

http://www.securityfocus.com/bid/1399

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB%40nat.bg

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.