Lucene search

K
cvelistMicrosoftCVELIST:CVE-2020-1322
HistoryJun 09, 2020 - 7:44 p.m.

CVE-2020-1322

2020-06-0919:44:08
microsoft
www.cve.org

6.1 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.9%

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka ‘Microsoft Project Information Disclosure Vulnerability’.

CNA Affected

[
  {
    "product": "Microsoft Project",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      }
    ]
  },
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019 for 32-bit editions"
      },
      {
        "status": "affected",
        "version": "2019 for 64-bit editions"
      }
    ]
  },
  {
    "product": "Microsoft 365 Apps for Enterprise for 64-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Microsoft 365 Apps for Enterprise for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

6.1 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.9%