Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0086

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-0086
Last Modified 02 Nov 2013 11:29:21
Published 12 Mar 2013 08:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0086

Summary

Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."

Vulnerable Systems

Application

  • Microsoft Sharepoint Foundation 2010

  • Microsoft Sharepoint Server 2010


References

MS - MS13-025

CERT - TA13-071A

Related Patches

MS13-025 Security Update for Microsoft OneNote 2010 32-Bit Edition (KB2760600)

MS13-025 Security Update for Microsoft OneNote 2010 64-Bit Edition (KB2760600)


Last Updated: 27 May 2016 10:44:50