EIP-2026-102766

PRE-CVE

Xine-Lib 0.99 - Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102766. PoCs published by c0ntex.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in xine-lib by crafting a malicious ASX playlist file. The long 'vcd://' URI in the second entry triggers the overflow, potentially allowing remote code execution.

Description

Xine-Lib 0.99 - Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by c0ntex · textdoslinux

https://www.exploit-db.com/exploits/24358

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in xine-lib by crafting a malicious ASX playlist file. The long 'vcd://' URI in the second entry triggers the overflow, potentially allowing remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: xine-lib rc-5 and prior, xine 0.99.2 and prior

No auth needed

Prerequisites: Victim must open the malicious ASX file with a vulnerable xine player

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026