@mattjay.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Matt Johansen

mattjay.com

did:plc:t6u5bkl7wvnzgkx36kmmh43p

CVE-2025-21298 is a double-free vulnerability in ole32.dll. Specifically, it mishandles memory in the UtOlePresStmToContentsStm function, which processes embedded OLE objects in RTF files.

2025-01-23T18:36:47.060Z