EIP-2026-115373

PRE-CVE

Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115373. PoCs published by Gabor Seljan.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Haihaisoft Universal Player 1.5.8, leveraging SEH overwrites to achieve arbitrary code execution. The PoC generates malicious playlist files (m3u, pls, asx) with crafted payloads to trigger the overflow.

Description

Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gabor Seljan · pythondoswindows

https://www.exploit-db.com/exploits/32514

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Haihaisoft Universal Player 1.5.8, leveraging SEH overwrites to achieve arbitrary code execution. The PoC generates malicious playlist files (m3u, pls, asx) with crafted payloads to trigger the overflow.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Haihaisoft Universal Player 1.5.8.0

No auth needed

Prerequisites: Victim must open a malicious playlist file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026