102 matches found
CVE-2023-36769
Microsoft OneNote Spoofing Vulnerability...
CVE-2023-36769 Microsoft OneNote Spoofing Vulnerability
...
Microsoft OneNote Spoofing (August 2023)
The Microsoft OneNote Products are missing a security update. It is, therefore, affected by a spoofing vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable Network Security, Inc...
The vulnerability of the Microsoft OneNote note-taking software, related to errors in information presentation on the user interface, allows a hacker to perform spoofing attacks.
The vulnerability of the Microsoft OneNote note-taking software relates to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...
Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing Vulnerability
Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...
Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing
Title: Microsoft OneNote Version 2305 Build 16.0.16501.20074 64-bit - Spoofing Author: nu11secur1ty Date: 06.22.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app Reference:...
CVE-2023-33140
Microsoft OneNote Spoofing Vulnerability...
Spoofing
Microsoft OneNote Spoofing Vulnerability...
CVE-2023-33140 Microsoft OneNote Spoofing Vulnerability
...
CVE-2023-33140 Microsoft OneNote Spoofing Vulnerability
...
IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery
Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering...
Emotet adopts Microsoft OneNote attachments
Last week, Emotet returned after a three month absence when the botnet Epoch 4 started sending out malicious emails with malicious Office macros. While the extracted attachments were inflated to several hundred megabytes, it was surprising to see that Emotet persisted in using the same attack...
CVE-2023-21721
Microsoft OneNote Elevation of Privilege Vulnerability...
CVE-2023-21721
Microsoft OneNote Elevation of Privilege Vulnerability...
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method include AsyncRAT,...
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer Malware
Author: Thomas Elkins Contributors: Matt Green, James Dunne, and Hernan Diaz Rapid7 routinely conducts research into the wide range of techniques that threat actors use to conduct malicious activity. One objective of this research is to discover new techniques being used in the wild, so we can...
The vulnerability of the Microsoft OneNote note-taking software, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft OneNote note-taking software relates to insufficient validation of entered data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
Security Updates for Microsoft Office Products (Nov 2022) (macOS)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability in Microsoft Word. CVE-2022-41061 - A remote code execution vulnerability in Microsoft Office Graphics. CVE-2022-41107 Note that Nessus has n...
Security Update for Microsoft Office (Feb 2019) (macOS)
The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by a vulnerability that allows remote attackers to bypass authentication to execute an arbitrary command through the protocol- compliant traffic. C Tenable...
Microsoft OneNote DLL Loading RCE Vulnerability (KB2589382)
This host is missing an important security update for Microsoft OneNote according to Microsoft security update KB2589382. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...