Known Vulnerabilities for Onenote by Microsoft

Listed below are 9 of the newest known vulnerabilities associated with "Onenote" by "Microsoft".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2017-8509 A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory... 8.8 - HIGH 2017-06-15 2019-10-03
CVE-2017-0197 Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted docu... 7.8 - HIGH 2017-04-12 2017-07-11
CVE-2016-3315 Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitiv... 5.5 - MEDIUM 2016-08-09 2018-10-12
CVE-2015-2503 Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publis... 9.3 - HIGH 2015-11-11 2018-10-12
CVE-2014-2815 Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creatio... 8.8 - HIGH 2014-08-12 2021-12-16
CVE-2008-3068 Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificat... 7.5 - HIGH 2008-07-07 2018-10-11
CVE-2007-0671 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows rem... 9.3 - HIGH 2007-02-03 2018-10-12
CVE-2006-3877 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v... 9.3 - HIGH 2006-10-10 2018-10-17
CVE-2004-0200 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll... 9.3 - HIGH 2004-09-28 2018-10-30

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationMicrosoftOnenote2013AllAllAll
ApplicationMicrosoftOnenote2007AllAllAll
ApplicationMicrosoftOnenote2007sp3AllAll
ApplicationMicrosoftOnenote2003AllAllAll
ApplicationMicrosoftOnenote-AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report