Vulnerabilities > CVE-2000-0277 - 7PK - Security Features vulnerability in Microsoft Excel 2000/97

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

microsoft

CWE-254

NVD

Published: 2000-04-03

Updated: 2018-10-12

Summary

Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Excel 97 Microsoft Excel 2000	2

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

References

http://www.osvdb.org/1272
http://www.securityfocus.com/bid/1087
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-022