DLL Office Vulnerability in Microsoft Office - PoC

    A recent topic described a vulnerability in the DLL loading mechanism. The problem is that the library can be loaded from the current directory (and the current directory can be any directory where the document is located, for example, “My Documents”). This allows you to send the victim an archive with a document and a DLL. The user will open the document, and the application, in addition to everything, will download and execute the DLL.

    In the comments to the topic, many unsubscribed that they could not achieve the desired effect. For all those who are not strong, I post the finished ZIP archive with two files, so that everyone can see for themselves. DLL'ka starts the calculator. It works on fully patched Windows XP SP3 and Microsoft Office 2007.

    Powerpoint-poc.zip archive: depositfiles.com/files/tosmktxwp

    Also popular now: