Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user.
Max CVSS
7.2
EPSS Score
0.07%
Published
2001-08-14
Updated
2017-10-10
Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner.
Max CVSS
4.6
EPSS Score
0.06%
Published
2001-07-21
Updated
2018-10-12
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.
Max CVSS
4.6
EPSS Score
0.05%
Published
2001-06-27
Updated
2018-10-12
3 vulnerabilities found