FortiClient VulnerabilityMicrosoft OneNote CVE-2016-3315 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could create a specially crafted OneNote file and convince a victim to open it. For an attack to be successful, the attacker must know the specific location of OneNote objects in memory. The update addresses the vulnerability by changing the way certain OneNote functions handle objects in memory.
Affected Applications
Microsoft OneNote 2007 Service Pack 3
Microsoft OneNote 2010 Service Pack 2 (64-bit editions)
Microsoft OneNote 2010 Service Pack 2 (32-bit editions)
Microsoft OneNote 2013 Service Pack 1 (64-bit editions)
Microsoft OneNote 2016 x86
Microsoft OneNote 2016 x64
Microsoft OneNote 2013 Service Pack 1 (32-bit editions)
Microsoft OneNote for Mac 2016
Microsoft OneNote 2013 RT Service Pack 1
CVE References
CVE-2016-3315Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3315| ID | 51549 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Microsoft OneNote 2007 Service Pack 3 , Microsoft OneNote 2010 Service Pack 2 (64-bit editions) , Microsoft OneNote 2010 Service Pack 2 (32-bit editions) , Microsoft OneNote 2013 Service Pack 1 (64-bit editions) , Microsoft OneNote 2016 x86 , Microsoft OneNote 2016 x64 , Microsoft OneNote 2013 Service Pack 1 (32-bit editions) , Microsoft OneNote for Mac 2016 , Microsoft OneNote 2013 RT Service Pack 1 |