National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:microsoft:access:2000:sp1
There are 7 matching records.
Vuln ID Summary CVSS Severity
CVE-2008-1200

Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026.

Published: March 06, 2008; 04:44:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-6357

Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944.

Published: December 14, 2007; 08:46:00 PM -05:00
    V2: 5.8 MEDIUM
CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

Published: February 02, 2007; 08:28:00 PM -05:00
    V2: 9.3 HIGH
CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.

Published: October 10, 2006; 06:07:00 PM -04:00
    V2: 9.3 HIGH
CVE-2003-0665

Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.

Published: October 20, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2000-0788

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.

Published: October 20, 2000; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2000-0419

The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.

Published: May 11, 2000; 12:00:00 AM -04:00
    V2: 7.5 HIGH