Vulnerability in Microsoft Access

CVE-2000-0419

The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.

EPSS: 0.210 (97.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Access — versions 2000
Microsoft Excel — versions 2000
Microsoft Frontpage — versions 2000
Microsoft Office — versions 2000
Microsoft Outlook — versions 2000
Microsoft Photodraw_2000 — versions 1.0
Microsoft Powerpoint — versions 2000
Microsoft Project — versions 2000
Microsoft Word — versions 2000
Microsoft Works — versions 2000

References

cve@mitre.org (x_refsource_MS, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vendor-advisory, x_refsource_MSKB)
cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)