EIP-2026-115372

PRE-CVE

Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115372. PoCs published by shinnai.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Haihaisoft PDF Reader OCX Control (version 1.1.2.0) via an overly long string passed to the 'URL' parameter. The PoC uses VBScript to trigger the overflow, leading to an access violation and potential remote code execution.

Description

Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · textdoswindows

https://www.exploit-db.com/exploits/14372

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Haihaisoft PDF Reader OCX Control (version 1.1.2.0) via an overly long string passed to the 'URL' parameter. The PoC uses VBScript to trigger the overflow, leading to an access violation and potential remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Haihaisoft PDF Reader OCX Control 1.1.2.0

No auth needed

Prerequisites: Victim must browse to a crafted web page with the malicious OCX control embedded

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026