{"cve":{"cve_id":"CVE-2018-8575","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.19268,"epss_percentile":0.96981,"epss_as_of":"2026-06-23","description":"A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka \"Microsoft Project Remote Code Execution Vulnerability.\" This affects Microsoft Project, Office 365 ProPlus, Microsoft Project Server.","published_at":"2018-11-14T01:00:00Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8575","http://www.securityfocus.com/bid/105807","http://www.securitytracker.com/id/1042116"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:11:41.441717Z"},"effective_severity":null,"badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project","product_name":"Microsoft Project","version_start":"2010 Service Pack 2 (32-bit editions)","version_start_inclusive":true,"version_end":"2010 Service Pack 2 (32-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project:2010 Service Pack 2 (32-bit editions):2010 Service Pack 2 (32-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project","product_name":"Microsoft Project","version_start":"2010 Service Pack 2 (64-bit editions)","version_start_inclusive":true,"version_end":"2010 Service Pack 2 (64-bit editions)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project:2010 Service Pack 2 (64-bit editions):2010 Service Pack 2 (64-bit editions)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project","product_name":"Microsoft Project","version_start":"2016 (32-bit edition)","version_start_inclusive":true,"version_end":"2016 (32-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project:2016 (32-bit edition):2016 (32-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project","product_name":"Microsoft Project","version_start":"2016 (64-bit edition)","version_start_inclusive":true,"version_end":"2016 (64-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project:2016 (64-bit edition):2016 (64-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project-server","product_name":"Microsoft Project Server","version_start":"2013 Service Pack 1 (64-bit edition)","version_start_inclusive":true,"version_end":"2013 Service Pack 1 (64-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project-server:2013 Service Pack 1 (64-bit edition):2013 Service Pack 1 (64-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"microsoft-project-server","product_name":"Microsoft Project Server","version_start":"2013 Service Pack 1 (32-bit edition)","version_start_inclusive":true,"version_end":"2013 Service Pack 1 (32-bit edition)","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:microsoft-project-server:2013 Service Pack 1 (32-bit edition):2013 Service Pack 1 (32-bit edition)"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"office","product_name":"office","version_start":"365 ProPlus for 32-bit Systems","version_start_inclusive":true,"version_end":"365 ProPlus for 32-bit Systems","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:office:365 ProPlus for 32-bit Systems:365 ProPlus for 32-bit Systems"},{"vendor_slug":"microsoft","vendor_name":"Microsoft","product_slug":"office","product_name":"office","version_start":"365 ProPlus for 64-bit Systems","version_start_inclusive":true,"version_end":"365 ProPlus for 64-bit Systems","version_end_inclusive":true,"cpe23_uri":"cve5:microsoft:office:365 ProPlus for 64-bit Systems:365 ProPlus for 64-bit Systems"}],"exploit_refs":[],"news":[],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8575","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"http://www.securityfocus.com/bid/105807","source_type":"MISC","tags":[]},{"url":"http://www.securitytracker.com/id/1042116","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2018-11-14T01:00:00Z","label":"CVE published","source":null}]}