CVE-2000-0854

Microsoft Office 2000 - Code Injection

Title source: llm

Description

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Georgi Guninski · c++localwindows

https://www.exploit-db.com/exploits/20232

View Code ZIP pw:eip

References (5)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-09/0277.html

[Third Party Advisory] http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0155.html

[Vendor Advisory] http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0117.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1699

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5263

Scores

EPSS 0.2841

EPSS Percentile 96.5%

Details

Status published

Products (1)

microsoft/office 2000

Published Nov 14, 2000

Tracked Since Feb 18, 2026