CVE-2015-0064

Microsoft Office and Web Applications - Remote Code Execution via Crafted Office Document

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-0064. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a stack-based buffer overflow in Microsoft Office 2007 (Word) due to an invalid size parameter in a memcpy operation, leading to an access violation. The vulnerability can also result in an arbitrary free operation, potentially allowing for remote code execution.

Description

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Office Remote Code Execution Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/37967

View Code ZIP pw:eip

This exploit demonstrates a stack-based buffer overflow in Microsoft Office 2007 (Word) due to an invalid size parameter in a memcpy operation, leading to an access violation. The vulnerability can also result in an arbitrary free operation, potentially allowing for remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office 2007 (Word)

No auth needed

Prerequisites: A maliciously crafted RTF file

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/72463

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/62808

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-012

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1031720

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/37967/

Scores

EPSS 0.7122

EPSS Percentile 98.7%

Details

CWE

CWE-399

Status published

Products (8)

microsoft/office 2010 sp2 (2 CPE variants)

microsoft/office_compatibility_pack

microsoft/sharepoint_server 2010

microsoft/web_applications 2010 sp2

microsoft/word 2007 sp3

microsoft/word 2010 sp2

microsoft/word_automation_services

microsoft/word_viewer

Published Feb 11, 2015

Tracked Since Feb 18, 2026