| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS13-025 | Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264) | Microsoft OneNote | Important | 13-03-2013 |
Technical Information
Brief overview of the risk:
The vulnerability could allow information disclosure if an attacker convinces a user to open a specially crafted OneNote file.
Detailed Information on the risk:
An information disclosure vulnerability exists in the way that Microsoft OneNote allocates memory from parsing a specially crafted OneNote (.ONE) file.
Further information on this exploit is available at : MS13-025
Affected Software
Microsoft OneNote 2010 Service Pack 1 (32-bit editions)Microsoft OneNote 2010 Service Pack 1 (64-bit editions)