EIP-2026-115737

PRE-CVE

Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115737. PoCs published by Code Audit Labs.

AI-analyzed exploit summary This Perl script generates a malformed WAV file designed to trigger a denial-of-service (DoS) vulnerability in Microsoft Windows Media Player's quartz.dll. The exploit targets specific versions of Windows Media Player on Windows XP SP3 by crafting a corrupted WAV file header and data structure.

Description

Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Code Audit Labs · perldoswindows

https://www.exploit-db.com/exploits/8467

View Code ZIP pw:eip

This Perl script generates a malformed WAV file designed to trigger a denial-of-service (DoS) vulnerability in Microsoft Windows Media Player's quartz.dll. The exploit targets specific versions of Windows Media Player on Windows XP SP3 by crafting a corrupted WAV file header and data structure.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows Media Player 10.00.00.3998, 11.0.5721.5230 with quartz.dll 6.5.3790.4283, 6.5.2600.5596

No auth needed

Prerequisites: Ability to deliver the malformed WAV file to the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026