EIP-2026-115741

PRE-CVE

Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115741. PoCs published by Elazar Broad.

AI-analyzed exploit summary This HTML-based exploit triggers a denial-of-service (DoS) in Microsoft Office Web Component (OWC11) by creating an ActiveX object and setting an invalid XMLDataTarget property, causing a memory access violation in Internet Explorer.

Description

Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Elazar Broad · htmldoswindows

https://www.exploit-db.com/exploits/30749

View Code ZIP pw:eip

This HTML-based exploit triggers a denial-of-service (DoS) in Microsoft Office Web Component (OWC11) by creating an ActiveX object and setting an invalid XMLDataTarget property, causing a memory access violation in Internet Explorer.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Office Web Component (OWC11) for Microsoft Office 2003

No auth needed

Prerequisites: Internet Explorer with OWC11 installed · ActiveX enabled

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026