EIP-2026-116018

PRE-CVE

Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116018. PoCs published by sultan albalawi.

AI-analyzed exploit summary This exploit generates a malformed OVF file that triggers a crash in Oracle VM VirtualBox 4.3.28 when imported. The payload consists of a crafted string with ASCII art and a buffer overflow attempt using a repeated 'A' character sequence.

Description

Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by sultan albalawi · pythondoswindows

https://www.exploit-db.com/exploits/40618

View Code ZIP pw:eip

This exploit generates a malformed OVF file that triggers a crash in Oracle VM VirtualBox 4.3.28 when imported. The payload consists of a crafted string with ASCII art and a buffer overflow attempt using a repeated 'A' character sequence.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Oracle VM VirtualBox 4.3.28

No auth needed

Prerequisites: User interaction to import the malicious OVF file

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026