漏洞信息详情
Microsoft Internet Explorer 5.01 和Excel/Powerpoint 2000 ActiveX 对象执行漏洞
- CNNVD编号:CNNVD-200006-107
- 危害等级: 高危
![图片[1]-Microsoft Internet Explorer 5.01 和Excel/Powerpoint 2000 ActiveX 对象执行漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-07/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2000-0597
- 漏洞类型:
边界条件错误
- 发布时间:
2000-06-27
- 威胁类型:
远程
- 更新时间:
2005-10-12
- 厂 商:
microsoft - 漏洞来源:
Posted to Bugtraq … -
漏洞简介
Microsoft Office 2000 (Excel and PowerPoint)和PowerPoint 97标记为可安全执行脚本。远程攻击者借助Visual Basic for Applications (VBA) SaveAs函数强制Internet Explorer或电子邮件客户端将文件保存到任意位置,又称为\”Office HTML Script\”漏洞。
漏洞公告
Microsoft has released the following patches which eliminates the vulnerability. Once the patch is installed, Excel 2000 or PowerPoint 2000 can only be scripted if the Initialize and script ActiveX controls marked unsafe option in Internet Explorer is set to Enable.
Microsoft Excel 2000
-
Microsoft Addinsec
http://download.microsoft.com/download/office2000prem/Addinsec/2000/WI
N98/EN-US/Addinsec.exe
Microsoft PowerPoint 97
-
Microsoft ppt97sec
http://download.microsoft.com/download/powerpoint97win95/ppt97sec/97/W
IN98/EN-US/ppt97sec.EXE
Microsoft PowerPoint 2000
参考网址
来源: BUGTRAQ
名称: 20000627 IE 5 and Excel 2000, PowerPoint 2000 vulnerability – executing programs
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB@nat.bg
来源: MS
名称: MS00-049
链接:http://www.microsoft.com/technet/security/bulletin/MS00-049.asp
来源: BID
名称: 1399
链接:http://www.securityfocus.com/bid/1399
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
