Описание
Microsoft OneNote Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.
To exploit the vulnerability, an attacker could create a specially crafted OneNote file and convince a victim to open it. For an attack to be successful, the attacker must know the specific location of OneNote objects in memory.
The update addresses the vulnerability by changing the way certain OneNote functions handle objects in memory.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft OneNote 2007 Service Pack 3 | ||
| Microsoft OneNote for Mac 2016 | ||
| Microsoft OneNote 2016 (32-bit edition) | ||
| Microsoft OneNote 2016 (64-bit edition) | ||
| Microsoft OneNote 2010 Service Pack 2 (32-bit editions) | ||
| Microsoft OneNote 2010 Service Pack 2 (64-bit editions) | ||
| Microsoft OneNote 2013 Service Pack 1 (32-bit editions) | ||
| Microsoft OneNote 2013 Service Pack 1 (64-bit editions) | ||
| Microsoft OneNote 2013 RT Service Pack 1 | - |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
Уязвимость программного средства для создания заметок Microsoft OneNote, позволяющая нарушителю получить конфиденциальную информацию
EPSS