EIP-2026-115198

PRE-CVE

EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115198. PoCs published by Francis Provencher.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in the EasyMail Objects ActiveX control by supplying an overly long string to the LicenseKey property, potentially leading to remote code execution in the context of Internet Explorer.

Description

EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · htmldoswindows

https://www.exploit-db.com/exploits/33225

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in the EasyMail Objects ActiveX control by supplying an overly long string to the LicenseKey property, potentially leading to remote code execution in the context of Internet Explorer.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: EasyMail Objects 6.0.2.0, Spam Inspector 4.0.354

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled in the browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1218 - System Binary Proxy Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026