CVE-2000-0854

critical Microsoft
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
28.4%
Exploitation probability in 30 days
Top 3% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: November 14, 2000 (9312 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.

CWE

NVD-CWE-Other

Affected Products

microsoft office

References

🔗 archives.neohapsis.com 🔗 archives.neohapsis.com 🔗 archives.neohapsis.com 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com