Описание
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
Ссылки
- PatchVendor Advisory
- http://packetstormsecurity.com/files/164419/Microsoft-Office-OneNote-2007-Remote-Code-Execution.htmlThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- PatchVendor Advisory
- http://packetstormsecurity.com/files/164419/Microsoft-Office-OneNote-2007-Remote-Code-Execution.htmlThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:onenote:2007:sp3:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13376
Средний
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
fstec
около 11 лет назад
Уязвимость программного обеспечения Microsoft OneNote, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
Процентиль: 94%
0.13376
Средний
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo