CVE-2020-1322 vulnerability in Microsoft Products
Published on June 9, 2020

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.

NVD

Products Associated with CVE-2020-1322

stack.watch emails you whenever new vulnerabilities are published in Microsoft Office or Microsoft Project. Just hit a watch button to start following.

Microsoft Office

Microsoft Project

Affected Versions

Microsoft Project:

Version 2013 Service Pack 1 (32-bit editions) is affected.
Version 2013 Service Pack 1 (64-bit editions) is affected.
Version 2016 (32-bit edition) is affected.
Version 2016 (64-bit edition) is affected.
Version 2010 Service Pack 2 (32-bit editions) is affected.
Version 2010 Service Pack 2 (64-bit editions) is affected.

Microsoft Office:

Version 2019 for 32-bit editions is affected.
Version 2019 for 64-bit editions is affected.

Microsoft 365 Apps for Enterprise for 64-bit Systems:

Version unspecified is affected.

Microsoft 365 Apps for Enterprise for 32-bit Systems:

Version unspecified is affected.

Exploit Probability

EPSS

25.13%

Percentile

96.07%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-1322 vulnerability in Microsoft ProductsPublished on June 9, 2020

Products Associated with CVE-2020-1322

Affected Versions

Exploit Probability

CVE-2020-1322 vulnerability in Microsoft Products
Published on June 9, 2020