EIP-2026-115752

PRE-CVE

Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115752. PoCs published by Rafel Ivgi.

AI-analyzed exploit summary This exploit leverages a remote buffer overflow in Microsoft Office XP by crafting a malicious HTML link with an excessively long string appended to an RTF file path. The overflow occurs when the user follows the link, potentially allowing arbitrary code execution with the user's privileges.

Description

Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rafel Ivgi · textdoswindows

https://www.exploit-db.com/exploits/25085

View Code ZIP pw:eip

This exploit leverages a remote buffer overflow in Microsoft Office XP by crafting a malicious HTML link with an excessively long string appended to an RTF file path. The overflow occurs when the user follows the link, potentially allowing arbitrary code execution with the user's privileges.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Office XP

No auth needed

Prerequisites: User interaction (clicking a malicious link) · Microsoft Office XP installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026