CVE-2015-2470

Microsoft Office 2007-2013 & Word Viewer RCE via Crafted Document

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2470. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Microsoft Office 2007/2010 due to improper pointer handling in MSPTLS!LssbFIsSublineEmpty, leading to a crash when processing a malformed DOC file. The PoC includes fuzzed files that trigger the issue by manipulating heap memory structures.

Description

Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/37924

This exploit demonstrates a memory corruption vulnerability in Microsoft Office 2007/2010 due to improper pointer handling in MSPTLS!LssbFIsSublineEmpty, leading to a crash when processing a malformed DOC file. The PoC includes fuzzed files that trigger the issue by manipulating heap memory structures.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Office 2007/2010 with Office File Validation Add-In disabled
No auth needed
Prerequisites: Microsoft Office 2007/2010 installed · Office File Validation Add-In disabled · Malformed DOC file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37924/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033239

Scores

EPSS 0.2686
EPSS Percentile 97.8%

Details

CWE
CWE-189
Status published
Products (5)
microsoft/office 2010 sp2 (2 CPE variants)
microsoft/office 2011
microsoft/office 2013 sp1
microsoft/word 2007 sp3
microsoft/word_viewer
Published Aug 15, 2015
Tracked Since Feb 18, 2026