Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0102

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-0102
Last Modified 21 Aug 2010 01:29:44
Published 09 Dec 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0102

Summary

Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Project 2007

  • Microsoft Project Portfolio Server 2007

  • Microsoft Project Server 2003

  • Microsoft Project Server 2007


References

CERT - TA09-342A

MS - MS09-074


Last Updated: 27 May 2016 10:50:06