Vulnerability in Microsoft Project
CVE-2018-8575
A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus…
EPSS: 0.238 (96.1th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Project — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2016 (32-bit edition)
- Microsoft Project Server — versions 2013 Service Pack 1 (32-bit edition), 2013 Service Pack 1 (64-bit edition)
- Microsoft Office — versions 365 ProPlus for 32-bit Systems, 365 ProPlus for 64-bit Systems
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8575 (x_refsource_CONFIRM)
- 105807 (vdb-entry, x_refsource_BID)
- 1042116 (vdb-entry, x_refsource_SECTRACK)