EIP-2026-118644

PRE-CVE

HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118644. PoCs published by Metasploit.

AI-analyzed exploit summary: This Metasploit module exploits a memory corruption vulnerability in the HP Application Lifecycle Management XGO.ocx ActiveX control via the SetShapeNodeType method, allowing remote code execution through heap spraying and ROP chains. It targets multiple IE versions on Windows XP, Vista, and 7, requiring JRE 6 for DEP/ASLR bypass.

Description

HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/21842

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: HP Application Lifecycle Manager Client (XGO.ocx 11.50.777.0)
No auth needed
Prerequisites: Victim must visit a malicious webpage · HP ALM Client with vulnerable XGO.ocx installed · JRE 6 for DEP/ASLR bypass on newer systems
devstral-2 · analyzed Feb 18, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026