CVE-2014-9456

Notepad++ 6.6.9 - Buffer Overflow via Long Time Attribute in XML Event Element

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9456. PoCs published by TaurusOmar.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Notepad++ v6.6.9 by crafting a malicious XML file that triggers a crash or potential code execution when opened. The PoC uses a structured payload with NOP sleds and a hardcoded return address.

Description

Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by TaurusOmar · pythondoswindows

https://www.exploit-db.com/exploits/35589

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Notepad++ v6.6.9 by crafting a malicious XML file that triggers a crash or potential code execution when opened. The PoC uses a structured payload with NOP sleds and a hardcoded return address.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Notepad++ v6.6.9

No auth needed

Prerequisites: Victim must open the malicious XML file in Notepad++

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/35589

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/88191

Scores

EPSS 0.1043

EPSS Percentile 95.2%

Details

CWE

CWE-119

Status published

Products (1)

don_ho/notepad\+\+ 6.6.9

Published Jan 02, 2015

Tracked Since Feb 18, 2026