Unrated severityNVD Advisory· Published Jun 27, 2000· Updated Apr 16, 2026

CVE-2000-0597

Description

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.

Affected products

Microsoft/Excel
cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*
Microsoft/Powerpoint2 versions
cpe:2.3:a:microsoft:powerpoint:2000:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:powerpoint:2000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:powerpoint:97:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/1399nvd
www.securityfocus.com/templates/archive.pikenvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000