Code injection

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."...

CVE-2017-0197

CVE-2017-0197 affects Microsoft OneNote 2007 SP3 and OneNote 2010 SP2. A DLL loading remote code execution vulnerability exists: an attacker can cause arbitrary code execution by convincing a user to open a specially crafted OneNote document. The issue is triggered by improper DLL loading validat...

Microsoft OneNote DLL Loading RCE Vulnerability (KB3191829)

This host is missing an important security update according to Microsoft security updates KB3191829. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Office OneNote 2007 DLL Hijacking Vulnerability

Exploit for windows platform in category local exploits ------------------------------------------------------------------------ Microsoft Office OneNote 2007 DLL side loading vulnerability ------------------------------------------------------------------------ Yorick Koster, September 2015...

Microsoft OneNote Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft OneNote improperly validates input before loading dynamic link library DLL files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, ...

MS13-025: Description of the security update for Microsoft OneNote: March 12, 2013

MS13-025: Description of the security update for Microsoft OneNote: March 12, 2013 INTRODUCTION Microsoft has released security bulletin MS13-025. To view the complete security bulletin, visit one of the following Microsoft websites: Home...

CVE-2016-3315

Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."...

Information disclosure

Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."...

CVE-2016-3315

Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."...

Microsoft OneNote CVE-2016-3315 Information Disclosure Vulnerability

Description Microsoft OneNote is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft OneNote 2007 SP3 Microsoft OneNote 2010 Service Pack 2 32-bit editions...

Microsoft OneNote Remote Code Execution Vulnerability (3114862)

This host is missing an important security update according to Microsoft Bulletin MS16-070. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

MS16-054: Security Update for Microsoft Office (3155544) (Mac OS X)

The version of Microsoft Office installed on the remote Mac OS X host is affected by a remote code execution vulnerability due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this by convincing a user to open a specially crafted file in Microsoft Office,...

Microsoft OneNote Privilege Elevation Vulnerability (3104540)

This host is missing an important security update according to Microsoft Bulletin MS15-116. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

CVE-2014-2815

Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."...

Microsoft OneNote File Processing CVE-2014-2815 Remote Code Execution Vulnerability

Description Microsoft OneNote is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...

Design/Logic Flaw

Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."...

Microsoft OneNote Information Disclosure Vulnerability (2816264)

This host is missing an important security update according to Microsoft Bulletin MS13-025. OpenVAS Vulnerability Test $Id: secpodms13-025.nasl 6074 2017-05-05 09:03:14Z teissa $ Microsoft OneNote Information Disclosure Vulnerability 2816264 Authors: Thanga Prakash S Copyright: Copyright c 2013...

Microsoft OneNote information leakage

Information leakage on OneNote files parsing...

CVE-2013-0086

Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."...

Microsoft OneNote Detection (Windows SMB Login)

Detects the installed version of Microsoft OneNote. The script logs in via smb, and detect the version of Microsoft OneNote on remote host and sets the KB. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...