Project Security Vulnerabilities and Issues — Project CVE List

Lucene search

MicrosoftProject

16 matches found

CVE•added 2009/10/14 10:30 a.m.•133 views

CVE-2009-2528

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

9.3CVSS7.2AI score0.43234EPSS

CVE•added 2009/10/14 10:30 a.m.•119 views

CVE-2009-2500

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...

9.3CVSS7.9AI score0.54154EPSS

CVE•added 2009/10/14 10:30 a.m.•119 views

CVE-2009-3126

9.3CVSS9.7AI score0.48214EPSS

CVE•added 2004/09/28 4:0 a.m.•113 views

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy oper...

9.3CVSS7.6AI score0.76686EPSS

CVE•added 2020/07/14 11:15 p.m.•108 views

CVE-2020-1449

A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.

9.3CVSS7.9AI score0.14767EPSS

CVE•added 2009/10/14 10:30 a.m.•105 views

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP...

9.3CVSS9.7AI score0.42403EPSS

CVE•added 2009/10/14 10:30 a.m.•97 views

CVE-2009-2502

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E...

9.3CVSS9.7AI score0.42434EPSS

CVE•added 2015/11/11 11:59 a.m.•85 views

CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Projec...

9.3CVSS6.8AI score0.20241EPSS

CVE•added 2009/10/14 10:30 a.m.•83 views

CVE-2009-2503

GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Of...

9.3CVSS9.6AI score0.41156EPSS

CVE•added 2009/10/14 10:30 a.m.•81 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project...

9.3CVSS9.7AI score0.46054EPSS

CVE•added 2006/10/10 10:7 p.m.•72 views

CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-20...

9.3CVSS7.1AI score0.55161EPSS

CVE•added 2018/11/14 1:29 a.m.•72 views

CVE-2018-8575

A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus, Microsoft Project Server.

9.3CVSS8AI score0.20332EPSS

CVE•added 2007/02/03 1:28 a.m.•69 views

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

9.3CVSS7.5AI score0.6616EPSS

CVE•added 2008/12/10 2:0 p.m.•58 views

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote ...

9.3CVSS7.7AI score0.53439EPSS

CVE•added 2006/10/10 10:7 p.m.•57 views

CVE-2006-3864

Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "...

9.3CVSS7.2AI score0.54494EPSS

CVE•added 2008/04/08 11:5 p.m.•40 views

CVE-2008-1088

Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations."

9.3CVSS7.4AI score0.56734EPSS