EIP-2026-115691

PRE-CVE

Microsoft Internet Explorer 5/6 - Recursive JavaScript Event Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115691. PoCs published by Berend-Jan Wever.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in Microsoft Internet Explorer by recursively triggering an onError event in an image tag with an invalid source. The recursive redefinition of the source causes the browser to crash, potentially affecting the underlying OS on Windows 95/98.

Description

Microsoft Internet Explorer 5/6 - Recursive JavaScript Event Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Berend-Jan Wever · textdoswindows

https://www.exploit-db.com/exploits/21416

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service (DoS) vulnerability in Microsoft Internet Explorer by recursively triggering an onError event in an image tag with an invalid source. The recursive redefinition of the source causes the browser to crash, potentially affecting the underlying OS on Windows 95/98.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer (versions affected not specified)

No auth needed

Prerequisites: Victim must visit a malicious webpage

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026