Описание
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:access:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10498
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
EPSS
Процентиль: 93%
0.10498
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other