EIP-2026-115735

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115735. PoCs published by Skylined.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Microsoft Internet Explorer 9, where a crafted HTML page triggers an out-of-bounds memory access in the CPtsTextParaclient::CountApes function. The PoC uses specific CSS and JavaScript to manipulate DOM elements, leading to a potential information disclosure or arbitrary code execution.

Description

Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read

Exploits (1)

exploitdb WORKING POC

by Skylined · htmldoswindows

https://www.exploit-db.com/exploits/40722

View Code ZIP pw:eip

This exploit demonstrates a memory corruption vulnerability in Microsoft Internet Explorer 9, where a crafted HTML page triggers an out-of-bounds memory access in the CPtsTextParaclient::CountApes function. The PoC uses specific CSS and JavaScript to manipulate DOM elements, leading to a potential information disclosure or arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: Microsoft Internet Explorer 9

No auth needed

Prerequisites: Target must visit a malicious webpage · JavaScript must be enabled in the target's browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read

Exploitation Summary

Description

Exploits (1)

Details