vulnerability bulletin CVE-2009-0102

Microsoft Project: code execution

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious file with Microsoft Project in order to execute code in his computer.

Severity: 3/4. Creation date: 09/12/2009.

Description of the vulnerability

When the victim opens a malicious Microsoft Project file, an allocation error occurs and corrupts the memory. Technical details are unknown. An attacker can thus invite the victim to open a malicious file with Microsoft Project in order to execute code in his computer.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Microsoft Project: code execution. Keywords: Microsoft Project code execution. Identifiers: 967183, BID-37211, CVE-2009-0102, MS09-074, VIGILANCE-VUL-9248.

Information sources

Publications and announces Source example: MS09-074 - Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Systems vulnerabilities