Back
CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Published: May 11, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (10)
| Vendor | Product | Version |
|---|---|---|
| microsoft | access | 2000 |
| microsoft | excel | 2000 |
| microsoft | frontpage | 2000 |
| microsoft | office | 2000 |
| microsoft | outlook | 2000 |
| microsoft | photodraw_2000 | 1.0 |
| microsoft | powerpoint | 2000 |
| microsoft | project | 2000 |
| microsoft | word | 2000 |
| microsoft | works | 2000 |
GitHub Security Advisory GHSA-g5jc-xm45-6763
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote...
References (8)
- http://www.cert.org/advisories/CA-2000-07.html US Government Resource
- http://www.microsoft.com/technet/support/kb.asp?ID=262767
- http://www.securityfocus.com/bid/1197
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034
- http://www.cert.org/advisories/CA-2000-07.html US Government Resource
- http://www.microsoft.com/technet/support/kb.asp?ID=262767
- http://www.securityfocus.com/bid/1197
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
14.17%
Top 6% most likely to be exploited
Threat Score
34.3 / 100
Data Sources
NVD
EPSS
GitHub