EIP-2026-115279

PRE-CVE

Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115279. PoCs published by SarBoT511 & D3V!L FUCKER.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Foxit Reader OCX component by passing an overly long string argument to the OpenFile method, likely leading to remote code execution. The PoC uses VBScript to trigger the vulnerability via an ActiveX object.

Description

Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by SarBoT511 & D3V!L FUCKER · htmldoswindows

https://www.exploit-db.com/exploits/11196

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Foxit Reader OCX component by passing an overly long string argument to the OpenFile method, likely leading to remote code execution. The PoC uses VBScript to trigger the vulnerability via an ActiveX object.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Foxit Reader 3.1.4.1125

No auth needed

Prerequisites: Victim must open the malicious HTML file in a browser with Foxit Reader OCX installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026