2 matches found
CVE-2009-0102
Summary: CVE-2009-0102 is a remote code execution vulnerability in Microsoft Office Project components. The flaw is rooted in how Project files are parsed; specifically, memory allocations are not properly validated when opening Project files, leading to memory corruption in winproj.exe and the a...
CVE-2006-6617
CVE-2006-6617 affects Microsoft Project Server 2003. The vulnerability lies in projectserver/logon/pdsrequest.asp where a GetInitializationData response can expose the UserName and Password fields, allowing remote authenticated users to obtain the MSProjectUser password for the SQL database. The ...