EIP-2026-117267

PRE-CVE

Heroes of Might and Magic III - '.h3m' Map file Buffer Overflow (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117267. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in Heroes of Might and Magic III by embedding malicious code into an uncompressed .h3m map file. The exploit leverages specific gadgets to bypass anticrash mechanisms and achieve remote code execution via a CALL ESP instruction.

Description

Heroes of Might and Magic III - '.h3m' Map file Buffer Overflow (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/37737

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in Heroes of Might and Magic III by embedding malicious code into an uncompressed .h3m map file. The exploit leverages specific gadgets to bypass anticrash mechanisms and achieve remote code execution via a CALL ESP instruction.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Heroes of Might and Magic III (versions: H3 Complete 4.0.0.0, HD Mod 3.808 build 9, Demo 1.0.0.0)

No auth needed

Prerequisites: Uncompressed .h3m map file or ability to create one · Victim to open the malicious map file in the game

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026