CVE-2015-2469
Microsoft Office and Word - Remote Code Execution via Crafted Document
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-2469. PoCs published by Google Security Research.
AI-analyzed exploit summary This exploit targets a memory corruption vulnerability in Microsoft Office 2007/2010, where out-of-bounds memory access occurs due to incorrect handling of Word binary document structures. The PoC demonstrates a crash with potential for arbitrary code execution via controlled memory grooming.
Description
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Exploits (1)
This exploit targets a memory corruption vulnerability in Microsoft Office 2007/2010, where out-of-bounds memory access occurs due to incorrect handling of Word binary document structures. The PoC demonstrates a crash with potential for arbitrary code execution via controlled memory grooming.