Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:ONENOTE-INFO-DISC |
|---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office OneNote 2010 Buffer Size Validation |
Release Date |
2013/03/12 |
Update Number |
2243 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Office OneNote 2010 Buffer Size Validation
This signature detects attempts to exploit a known vulnerability against Microsoft Office OneNote 2010. A successful attack can lead to unauthorized information disclosure.
Extended Description
Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."
Affected Products
- Microsoft sharepoint_foundation 2010
- Microsoft sharepoint_server 2010
References
- CVE: CVE-2013-0086