CVE-2023-21716
CRITICAL, EXPLOITED IN THE WILD
Microsoft Word - Remote Code Execution via Integer Overflow
Title source: llm
Exploitation Summary
CVE-2023-21716 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 13 public exploits from researchers including gyaansastra, Xnuvers007, JMousqueton.
AI-analyzed exploit summary: This repository contains a detailed technical writeup of CVE-2023-21716, a heap corruption vulnerability in Microsoft Word's RTF parser. The analysis includes assembly-level details, debugger output, and an explanation of how excessive font table entries lead to out-of-bounds memory writes.
Description
Microsoft Word Remote Code Execution Vulnerability
Exploits (13)
This repository contains a detailed technical writeup of CVE-2023-21716, a heap corruption vulnerability in Microsoft Word's RTF parser. The analysis includes assembly-level details, debugger output, and an explanation of how excessive font table entries lead to out-of-bounds memory writes.
This PoC exploits CVE-2023-21716, a vulnerability in Microsoft Word that causes a crash when processing a malformed RTF file with an excessive number of font table entries. The exploit generates an RTF file with 32761 font entries, triggering a denial-of-service condition.
This PoC generates a malicious RTF file that exploits a heap corruption vulnerability in Microsoft Word's font table handling (CVE-2023-21716). The exploit triggers remote code execution when the victim opens the file.
This exploit generates a malicious RTF file leveraging CVE-2023-21716, a vulnerability in Microsoft Word, and sends it via email. The RTF file contains a large number of font table entries to trigger the vulnerability.
This repository contains a Python script to generate a malicious RTF file exploiting CVE-2023-21716, a heap-based buffer overflow in Microsoft Word's handling of the \fonttbl control word. The PoC triggers a crash by exceeding the font limit (32760), leading to potential remote code execution.
This repository contains a detailed technical writeup for CVE-2023-21716, a heap corruption vulnerability in Microsoft Word's RTF parser. The vulnerability arises from improper handling of font table entries, leading to out-of-bounds memory writes and potential remote code execution.
This exploit generates a malformed RTF file with an excessive number of font table entries (32761) to trigger a denial-of-service (DoS) condition in vulnerable Microsoft Office applications. The PoC leverages a heap-based buffer overflow in the RTF parser, causing a crash or potential code execution under specific conditions.
The repository contains a functional exploit for CVE-2023-21716, which leverages a heap corruption vulnerability in Microsoft Word's RTF parser by embedding an abnormally large \fonttbl directive (32768+ font definitions). The exploit generates a malicious RTF file that triggers the vulnerability and executes embedded shellcode.
This repository provides a detailed technical analysis of CVE-2023-21716, a heap-based buffer overflow in Microsoft Word's RTF parser, including root cause analysis, impact assessment, and reproduction steps. It references an external exploit but does not contain functional exploit code itself.
This Python script generates a malicious RTF file exploiting CVE-2023-21716 by creating an excessive number of font table entries (32761) to trigger a denial-of-service condition in Microsoft Office.
This PoC exploits a heap corruption vulnerability in Microsoft Word's RTF parser by generating an RTF file with an excessive number of font entries, leading to a potential remote code execution (RCE). The script creates a malformed RTF file designed to trigger the vulnerability when opened in a vulnerable version of Microsoft Word.
This PoC generates a maliciously crafted RTF file that exploits a vulnerability in Microsoft Word (CVE-2023-21716) by creating an excessively large font table, likely triggering a denial-of-service or memory corruption condition. The exploit is minimal but functional, demonstrating the vulnerability by attempting to crash the target application.
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H