Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310806163
HistoryNov 11, 2015 - 12:00 a.m.

Microsoft OneNote Privilege Elevation Vulnerability (3104540)

2015-11-1100:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
82

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.9%

JSON

This host is missing an important security
update according to Microsoft Bulletin MS15-116.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:microsoft:onenote";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.806163");
  script_version("2023-07-25T05:05:58+0000");
  script_cve_id("CVE-2015-2503");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
  script_tag(name:"creation_date", value:"2015-11-11 14:34:29 +0530 (Wed, 11 Nov 2015)");
  script_tag(name:"qod_type", value:"executable_version");
  script_name("Microsoft OneNote Privilege Elevation Vulnerability (3104540)");

  script_tag(name:"summary", value:"This host is missing an important security
  update according to Microsoft Bulletin MS15-116.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"An elevation of privilege vulnerability
  exists in Microsoft Office software when an attacker instantiates an affected
  Office application via a COM control.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to gain elevated privileges and break out of the Internet Explorer
  sandbox.");

  script_tag(name:"affected", value:"- Microsoft OneNote 2010 Service Pack 2

  - Microsoft OneNote 2013 Service Pack 1

  - Microsoft OneNote 2007 Service Pack 3

  - Microsoft OneNote 2016 Service Pack 1");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/2889915");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3054978");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3101371");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/library/security/MS15-116");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("gb_ms_onenote_detect.nasl");
  script_mandatory_keys("MS/Office/OneNote/Ver");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/security/bulletin/ms15-116");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );

exeVer = infos['version'];

notePath = infos['location'];
if( ! notePath ) notePath =  "Unable to fetch full installation path";

if(exeVer && exeVer =~ "^(12|14|15|16).*") {
  if(exeVer =~ "^12"){
    Vulnerable_range  =  "12.0 - 12.0.6735.4999";
  }
  else if(exeVer =~ "^14"){
    Vulnerable_range  =  "14 - 14.0.7162.4999";
  }
  else if(exeVer =~ "^15"){
    Vulnerable_range  =  "15 - 15.0.4763.0999";
  }
  else if(exeVer =~ "^16"){
    Vulnerable_range  =  "16 - 16.0.4300.1000";
  }

  if(version_in_range(version:exeVer, test_version:"12.0", test_version2:"12.0.6735.4999") ||
     version_in_range(version:exeVer, test_version:"14.0", test_version2:"14.0.7162.4999") ||
     version_in_range(version:exeVer, test_version:"15.0", test_version2:"15.0.4763.0999") ||
     version_in_range(version:exeVer, test_version:"16.0", test_version2:"16.0.4300.1000")) {
     report = 'File checked:     ' + notePath + 'onenote.exe'  + '\n' +
              'File version:     ' + exeVer  + '\n' +
              'Vulnerable range: ' + Vulnerable_range + '\n' ;
     security_message(data:report);
     exit(0);
  }
}

exit( 99 );

Related

symantec 1
openvas 7
cvelist 1
prion 1
cve 1
nvd 1
mskb 1
nessus 1
kaspersky 1
symantec
symantec
Microsoft Office CVE-2015-2503 Privilege Escalation Vulnerability
2015-11-10 00:00:00
openvas
openvas
Microsoft Visio Privilege Elevation Vulnerability (3104540)
2015-11-11 00:00:00
Microsoft InfoPath Memory Corruption Vulnerability (3141806)
2016-03-09 00:00:00
Microsoft InfoPath Privilege Elevation Vulnerability (3104540)
2015-11-11 00:00:00
cvelist
cvelist
CVE-2015-2503
2015-11-11 11:00:00
prion
prion
Privilege escalation
2015-11-11 11:59:00
cve
cve
CVE-2015-2503
2015-11-11 11:59:18
nvd
nvd
CVE-2015-2503
2015-11-11 11:59:18
mskb
mskb
MS15-116: Security update for Microsoft Office to address remote code execution: November 10, 2015
2017-03-30 05:38:34
nessus
nessus
MS15-116: Security Update for Microsoft Office to Address Remote Code Execution (3104540)
2015-11-10 00:00:00
kaspersky
kaspersky
KLA10696 Multiple vulnerabilities in Microsoft Office
2015-11-10 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.9%

JSON
Related for OPENVAS:1361412562310806163
symantec1openvas7cvelist1prion1cve1nvd1mskb1nessus1kaspersky1