nonick

Thanks , I will try but this will be more complicated inside vmware.

Are you confirm that you cloned the newest update? I fix a bug in command execution in last commit. Now your command works in my meachine

No. I'm using Office Pro plus 2013 in Win10. Can you provide your exploit that fails?

Well. That exploit you uploaded actually works on my machine. Maybe I will test Office 2010 later.

I have tested Office 2010 Pro Plus in Win7 and my exploit works well. I pop a calc.exe by rtf created by `python CVE-2017-11882.py -c calc.exe -o test.rtf`

Well. Can you debug the shellcode?

@roy-lion What's your environment?

Sorry for lately reply, but in my virtual machine(win7x64 Office 2007) , my exploit works fine. Could u pls send your EQNEDT32.EXE to me? Thanks

Well I haven't test office 2016 yet but is this bug exists in office 2016 ? Can you exploit this bug with others exploit ?

Theoretically it should work as well.... maybe you can debug and inspect office process. I might not have time to do this recently lol. Maybe someday after this month....