CVE-2000-0597

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
9.6%
Exploitation probability in 30 days
Top 7% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: June 27, 2000 (9452 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.

CWE

NVD-CWE-Other

Affected Products

microsoft excelmicrosoft powerpoint

References

🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 docs.microsoft.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com