EIP-2026-115962

PRE-CVE

Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115962. PoCs published by Francis Provencher.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in the Novell GroupWise Client ActiveX control by passing an excessively long string to the SetFontFace method, potentially leading to remote code execution in the context of the application.

Description

Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · htmldoswindows

https://www.exploit-db.com/exploits/33221

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in the Novell GroupWise Client ActiveX control by passing an excessively long string to the SetFontFace method, potentially leading to remote code execution in the context of the application.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Novell GroupWise Client 7.0.3.1294

No auth needed

Prerequisites: Victim must visit a malicious webpage or open a malicious HTML file · ActiveX control must be enabled in the browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026