Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Project
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 30 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-14 | CVE-2018-8575 | A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus, Microsoft Project Server. | Office_365_proplus, Project | 7.8 | ||
| 2015-11-11 | CVE-2015-2503 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1,... | Access, Excel, Infopath, Lync, Office_2007_ime, Onenote, Pinyin_ime, Powerpoint, Project, Project_server, Publisher, Skype_for_business, Visio, Word | N/A | ||
| 2008-12-10 | CVE-2008-4256 | The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability." | Office_frontpage, Project, Visual_basic, Visual_foxpro, Visual_studio_\.net | N/A | ||
| 2008-12-10 | CVE-2008-4255 | Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." | Office_frontpage, Project, Visual_basic, Visual_foxpro, Visual_studio_\.net | N/A | ||
| 2008-12-10 | CVE-2008-4254 | Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability." | Office_frontpage, Project, Visual_basic, Visual_foxpro, Visual_studio_\.net | N/A | ||
| 2008-12-10 | CVE-2008-4253 | The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability." | Office_frontpage, Project, Visual_basic, Visual_foxpro, Visual_studio_\.net | N/A | ||
| 2008-12-10 | CVE-2008-4252 | The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability." | Office_frontpage, Project, Visual_basic, Visual_foxpro, Visual_studio_\.net | N/A | ||
| 2008-04-08 | CVE-2008-1088 | Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations." | Project | N/A | ||
| 2007-02-03 | CVE-2007-0671 | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | Access, Excel, Excel_viewer, Frontpage, Infopath, Office, Onenote, Outlook, Powerpoint, Project, Publisher, Visio, Word, Word_viewer | N/A | ||
| 2006-10-10 | CVE-2006-3877 | Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. | Access, Excel, Excel_viewer, Frontpage, Infopath, Office, Onenote, Outlook, Powerpoint, Project, Publisher, Visio, Word, Word_viewer | N/A |