← CVECheck
HomeVulnerabilities

CVE-2000-0788 — HIGH severity vulnerability (The Mail Merge tool in Microsoft Word does not prompt the us)

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.

CVE IDCVE-2000-0788
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2000-10-20
Last modified2026-04-16
DescriptionThe Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →