CVE-2020-1322

Summary

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Project2013 Service Pack 1 (32-bit editions)affected
MicrosoftMicrosoft Project2013 Service Pack 1 (64-bit editions)affected
MicrosoftMicrosoft Project2016 (32-bit edition)affected
MicrosoftMicrosoft Project2016 (64-bit edition)affected
MicrosoftMicrosoft Project2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Project2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Office2019 for 32-bit editionsaffected
MicrosoftMicrosoft Office2019 for 64-bit editionsaffected
MicrosoftMicrosoft 365 Apps for Enterprise for 64-bit Systemsunspecifiedaffected
MicrosoftMicrosoft 365 Apps for Enterprise for 32-bit Systemsunspecifiedaffected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References