This exploit targets an array overflow vulnerability in Microsoft Reader's AOLL chunk handling, allowing arbitrary code execution via a crafted LIT file. The PoC modifies a specific byte to trigger the overflow, leading to potential RCE.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:Microsoft Reader <= 2.1.1.3143 (PC) and <= 2.6.1.7169 (Origami)
No auth needed
Prerequisites:Crafted LIT file with modified AOLL chunk