MS13-025: Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)
High Nessus Plugin ID 65214
SynopsisInformation disclosure can occur if an attacker convinces a user to open a specially crafted OneNote file.
DescriptionThe version of Microsoft OneNote running on the remote host is affected by a memory allocation flaw. By convincing a user to open a specially crafted OneNote file, a remote attacker can exploit this to gain access to sensitive information.
SolutionMicrosoft has released a set of patches for OneNote 2010 SP1.