EIP-2026-118240
PRE-CVEAdobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-118240. PoCs published by Robert Fly.
AI-analyzed exploit summary This exploit leverages a timing-based information disclosure vulnerability in the Adobe SVG Viewer ActiveX control to determine the existence of a target file. The JavaScript code attempts to load a file via the ActiveX control and checks the document.readyState to infer file existence.
Description
Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure
Exploits (1)
This exploit leverages a timing-based information disclosure vulnerability in the Adobe SVG Viewer ActiveX control to determine the existence of a target file. The JavaScript code attempts to load a file via the ActiveX control and checks the document.readyState to infer file existence.