EIP-2026-115743

PRE-CVE

Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115743. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Microsoft Office 2007/2010 by manipulating a specific offset in a Word document file, leading to an uninitialized heap data dereference and potential arbitrary code execution.

Description

Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/37909

This exploit demonstrates a memory corruption vulnerability in Microsoft Office 2007/2010 by manipulating a specific offset in a Word document file, leading to an uninitialized heap data dereference and potential arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Office 2007/2010 (wwlib.dll 12.0.6720.5000, msptls.dll 12.0.6682.5000)
No auth needed
Prerequisites: Microsoft Office File Validation Add-In disabled · Application Verifier enabled for testing
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026