Back
CVE-2000-0597
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
Published: Jun 27, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (3)
| Vendor | Product | Version |
|---|---|---|
| microsoft | excel | 2000 |
| microsoft | powerpoint | 97 |
| microsoft | powerpoint | 2000 |
GitHub Security Advisory GHSA-m2cw-8f75-qf8v
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting,...
References (6)
- http://www.securityfocus.com/bid/1399
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB%40nat.bg
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
- http://www.securityfocus.com/bid/1399
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB%40nat.bg
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
9.56%
Top 7% most likely to be exploited
Threat Score
32.9 / 100
Data Sources
NVD
EPSS
GitHub