Remote code execution in Microsoft Project

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft
Exploit availability: No Description. CWE-20 - Improper Input Validation The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to insufficient validation of user-supplied input when the software fails to check the source markup of a file in Microsoft Project software.