CVE-2010-1681

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-1681. PoCs published by Metasploit, Abysssec, Unknown, including Metasploit module exploits/windows/fileformat/visio_dxf_bof.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in Microsoft Office Visio 2002 by crafting a malicious DXF file. The exploit targets the VISIODWG.DLL component during the parsing of the HEADER section, leading to arbitrary code execution.

Description

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/17451

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in Microsoft Office Visio 2002 by crafting a malicious DXF file. The exploit targets the VISIODWG.DLL component during the parsing of the HEADER section, leading to arbitrary code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office Visio 2002 (VISIO.EXE v10.0.525.4, VISIODWG.DLL v10.0.525.4)

No auth needed

Prerequisites: Victim must open a specially crafted DXF file in Microsoft Visio 2002

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Abysssec · pythonlocalwindows

https://www.exploit-db.com/exploits/14944

View Code ZIP pw:eip

This Python script generates a malicious DXF file that exploits a stack-based buffer overflow in Microsoft Office Visio 2002 (CVE-2010-1681). It crafts a payload with shellcode, a jump to ESP, and a controlled EIP overwrite to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office Visio 2002 (xp)

No auth needed

Prerequisites: Victim must open the malicious DXF file in Visio 2002

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC GOOD

by Unknown · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/visio_dxf_bof.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in Microsoft Office Visio 2002 by crafting a malicious DXF file. The exploit targets the VISIODWG.DLL component during the parsing of the HEADER section, leading to arbitrary code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office Visio 2002 (VISIO.EXE v10.0.525.4, VISIODWG.DLL v10.0.525.4)

No auth needed

Prerequisites: Victim must open a specially crafted DXF file in Microsoft Visio 2002

MITRE ATT&CK