CVE-1999-0354

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 4.x through 5.x Word 97

Description The issue allows arbitrary execution of Visual Basic programs on the client-side through a Word 97 template that contains executable content without warning the user. This also affects Outlook when a user views a malicious email message.

Recommendations For Internet Explorer versions 4.x through 5.x, avoid using Word 97 templates that may contain executable content until a fix is available. For Word 97, refrain from opening templates from untrusted sources to minimize the risk of exploitation. As a temporary workaround, consider disabling the execution of Visual Basic programs in Word 97 and Internet Explorer until a patch is available.