CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2000-0788
https://notcve.org/view.php?id=CVE-2000-0788
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. • http://www.securityfocus.com/bid/1566 http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C%40nat.bg https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071 https://exchange.xforce.ibmcloud.com/vulnerabilities/5322 •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 0CVE-2000-0419
https://notcve.org/view.php?id=CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. • http://www.cert.org/advisories/CA-2000-07.html http://www.microsoft.com/technet/support/kb.asp?ID=262767 http://www.securityfocus.com/bid/1197 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034 •
CVSS: 10.0EPSS: 68%CPEs: 7EXPL: 3CVE-1999-1011 – MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
https://notcve.org/view.php?id=CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. • https://www.exploit-db.com/exploits/19425 https://www.exploit-db.com/exploits/19424 http://www.ciac.org/ciac/bulletins/j-054.shtml http://www.osvdb.org/272 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-004 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-025 https://www.securityfocus.com/bid/529 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/iis/msadc.rb • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-1999-0364
https://notcve.org/view.php?id=CVE-1999-0364
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. • http://marc.info/?l=bugtraq&m=91816470220259&w=2 •