Lucene search

[email protected]CVE-2000-0854

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2000-0854

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0854

microsoft office 2000

dll hijack

trojan horse

information security

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL’s such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.

Affected configurations

NVD

Node

microsoftofficeMatch2000

CPENameOperatorVersion
microsoft:officemicrosoft officeeq2000

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	2000

References

archives.neohapsis.com/archives/bugtraq/2000-09/0277.html

archives.neohapsis.com/archives/ntbugtraq/2000-q3/0155.html

archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0117.html

www.securityfocus.com/bid/1699

exchange.xforce.ibmcloud.com/vulnerabilities/5263

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2000-0854

nvd1 cvelist1