Microsoft: >> Access Security Vulnerabilities
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
CVSS Score
9.3
EPSS Score
0.366
Published
2006-10-10
Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.
CVSS Score
7.5
EPSS Score
0.356
Published
2003-10-20
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.105
Published
2000-10-20
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVSS Score
7.5
EPSS Score
0.109
Published
2000-05-11
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
CVSS Score
10.0
EPSS Score
0.117
Published
1999-01-01
Page 3