Microsoft Office OneNote 2007 proof of concept exploit for a
OnePKG file parsing remote code execution vulnerability. Upon
decompressing files from .ONEPKG archives (using MS CAB format), a
failure to sanitize file paths and file contents allows for
arbitrary file planting in arbitrary locations on the OS, including
the startup folder.