CVE-2015-0097

Microsoft Office 2007 SP3 and 2010 SP2 - Remote Code Execution via Crafted Office Document

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-0097. PoCs published by Eduardo Braun Prado.

AI-analyzed exploit summary The provided ExploitDB entry describes a Microsoft Word RCE vulnerability but does not include actual exploit code. Instead, it redirects to external links (OneDrive, GitLab) for the payload, which is a common tactic in suspicious or malicious repositories.

Description

Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."

Exploits (1)

exploitdb SUSPICIOUS
by Eduardo Braun Prado · textlocalwindows
https://www.exploit-db.com/exploits/37657

The provided ExploitDB entry describes a Microsoft Word RCE vulnerability but does not include actual exploit code. Instead, it redirects to external links (OneDrive, GitLab) for the payload, which is a common tactic in suspicious or malicious repositories.

Classification
Suspicious 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Word 2007
No auth needed
Prerequisites: User interaction (opening a malicious file)
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37657/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031896

Scores

EPSS 0.4117
EPSS Percentile 98.5%

Details

CWE
CWE-19
Status published
Products (6)
microsoft/excel 2007 sp3
microsoft/excel 2010 sp2 (2 CPE variants)
microsoft/powerpoint 2007 sp3
microsoft/powerpoint 2010 sp2
microsoft/word 2007 sp3
microsoft/word 2010 sp2
Published Mar 11, 2015
Tracked Since Feb 18, 2026