EIP-2026-115668

PRE-CVE

Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115668. PoCs published by nop.

AI-analyzed exploit summary This exploit targets a denial-of-service (DoS) vulnerability in Internet Explorer by manipulating the 'Color' property of multiple COM objects with an excessively large string. The PoC attempts to crash the browser by exhausting system resources.

Description

Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by nop · htmldoswindows

https://www.exploit-db.com/exploits/2238

View Code ZIP pw:eip

This exploit targets a denial-of-service (DoS) vulnerability in Internet Explorer by manipulating the 'Color' property of multiple COM objects with an excessively large string. The PoC attempts to crash the browser by exhausting system resources.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Internet Explorer on Windows 2000 SP4/XP SP2

No auth needed

Prerequisites: Internet Explorer with ActiveX enabled · Windows 2000 SP4 or XP SP2

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026