CVE-2025-21298

This is a proof-of-concept for CVE-2025-21298, a Windows OLE Remote Code Execution Vulnerability. The exploit demonstrates a memory corruption issue in `ole32.dll!UtOlePresStmToContentsStm` leading to a double-free situation.

The repository contains a writeup describing CVE-2025-21298, a Use After Free vulnerability in Microsoft Windows' OLE technology, specifically in the UtOlePresStmToContentsStm function within ole32.dll. Exploitation occurs via malicious RTF files, leading to potential remote code execution.

This repository provides a safe CTF challenge demonstrating RTF-based OLE exploits, specifically CVE-2025-21298, without any malicious payload. It guides users to extract a hidden flag from an embedded OLE object using tools like oletools.

This repository contains a proof-of-concept for CVE-2025-21298, a Windows OLE Remote Code Execution Vulnerability (CVSS 9.8). The vulnerability is a memory corruption issue in `ole32.dll!UtOlePresStmToContentsStm` due to a double-free situation, which Microsoft patched by setting `pstmContents` to zero after releasing the pointer.

This repository provides a detailed incident response analysis of CVE-2025-21298, a Windows OLE Zero-Click RCE vulnerability. It includes forensic evidence, IOCs, and mitigation steps but does not contain functional exploit code.

This repository provides a detailed technical analysis of a Windows OLE zero-click RCE exploitation (CVE-2025-21298) delivered via a malicious RTF file. It includes investigation steps, screenshots, and a breakdown of the attack chain involving regsvr32.exe and scrobj.dll for fileless malware execution.