Microsoft Excel contains a remote code execution vulnerability upon processing OLE objects. Versions 2007, 2010, 2013, and 2016 are affected on both architectures.
a89385c666364082a80a0ea4883429aa
This exploit leverages an MTA handler remote code execution vulnerability in Microsoft Word.
85fe06cb7ff43ba872bc7b0a4c7dd68f
This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a http(s) request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This Metasploit module was created by reversing a public malware sample.
22d66842eeda59c2f386116bd2c8a720
Microsoft RTF CVE-2017-0199 proof of concept exploit.
11916c46b31efd35dcb2b963e50c23ca
This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.
b03e34017c4b989f9ac59f7b459a5cfe
Microsoft Word RTF remote code execution proof of concept exploit.
f937dc70e4f902d07449912a173ea332