| Vigil@nce describes vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2009-0102
Microsoft Project: code execution
Synthesis of the vulnerability
| An attacker can invite the victim to open a malicious file with Microsoft Project in order to execute code in his computer. |
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Means of attack: no proof of concept, no attack.
Ability of attacker: expert (4/4).
Confidence: confirmed by the editor (5/5).
Diffusion of the vulnerable configuration: high (3/3).
Creation date: 09/12/2009.
|
Impacted products
Description of the vulnerability
When the victim opens a malicious Microsoft Project file, an allocation error occurs and corrupts the memory.
Technical details are unknown.
An attacker can thus invite the victim to open a malicious file with Microsoft Project in order to execute code in his computer. |
Characteristics
Information sources
Solutions for this vulnerability
|