EIP-2026-115908

PRE-CVE

NCSS 07.1.21 - Array Overflow with Write2

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115908. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This is a technical writeup detailing an array overflow vulnerability in NCSS 2007 (VCF132.dll) that allows writing the word 0xfffd to arbitrary memory locations via crafted S0 files. The analysis includes disassembly snippets and a reference to a PoC file.

Description

NCSS 07.1.21 - Array Overflow with Write2

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/17903

View Code ZIP pw:eip

This is a technical writeup detailing an array overflow vulnerability in NCSS 2007 (VCF132.dll) that allows writing the word 0xfffd to arbitrary memory locations via crafted S0 files. The analysis includes disassembly snippets and a reference to a PoC file.

Classification

Writeup 95%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: NCSS (NCSS 2007) <= 07.1.21

No auth needed

Prerequisites: Crafted S0 file with malicious 16-bit value at offset 0x8bd

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026