Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Onenote Security Vulnerabilities

cve
cve

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy oper...

7.6AI Score

0.957EPSS

2004-09-28 04:00 AM
68
cve
cve

CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-20...

7.1AI Score

0.757EPSS

2006-10-10 10:07 PM
38
cve
cve

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

7.5AI Score

0.943EPSS

2007-02-03 01:28 AM
35
cve
cve

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to o...

6.7AI Score

0.026EPSS

2008-07-07 11:41 PM
27
cve
cve

CVE-2014-2815

Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."

8.8CVSS

8.9AI Score

0.07EPSS

2014-08-12 09:55 PM
43
cve
cve

CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Projec...

6.8AI Score

0.007EPSS

2015-11-11 11:59 AM
54
cve
cve

CVE-2016-3315

Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."

5.5CVSS

5.6AI Score

0.023EPSS

2016-08-09 09:59 PM
50
cve
cve

CVE-2017-0197

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."

7.8CVSS

7.6AI Score

0.166EPSS

2017-04-12 02:59 PM
63
cve
cve

CVE-2017-8509

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

8.8CVSS

7.2AI Score

0.242EPSS

2017-06-15 01:29 AM
92
cve
cve

CVE-2023-21721

Microsoft OneNote Elevation of Privilege Vulnerability

6.5CVSS

7AI Score

0.001EPSS

2023-02-14 08:15 PM
78
cve
cve

CVE-2023-33140

Microsoft OneNote Spoofing Vulnerability

6.5CVSS

6.4AI Score

0.001EPSS

2023-06-14 12:15 AM
95
cve
cve

CVE-2023-36769

Microsoft OneNote Spoofing Vulnerability

5.4CVSS

5.3AI Score

0.001EPSS

2023-11-06 11:15 PM
117