EIP-2026-118685

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118685. PoCs published by the_Edit0r.

AI-analyzed exploit summary This exploit leverages an arbitrary file overwrite vulnerability in the InstallShield 2009 Premier ActiveX control. By invoking the 'InsertCustomAction', 'AddPage', and 'SaveToFile' methods, an attacker can overwrite files on the victim's system in the context of the vulnerable application (e.g., Internet Explorer).

Description

Installshield 2009 15.0.0.53 Premier - 'ISWiAutomation15.dll' ActiveX Arbitrary File Overwrite

Exploits (1)

exploitdb WORKING POC VERIFIED

by the_Edit0r · textremotewindows

https://www.exploit-db.com/exploits/34821

View Code ZIP pw:eip

This exploit leverages an arbitrary file overwrite vulnerability in the InstallShield 2009 Premier ActiveX control. By invoking the 'InsertCustomAction', 'AddPage', and 'SaveToFile' methods, an attacker can overwrite files on the victim's system in the context of the vulnerable application (e.g., Internet Explorer).

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: InstallShield 2009 Premier 15.0.0.53

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be enabled in the browser

MITRE ATT&CK

T1221 - Template Injection T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Installshield 2009 15.0.0.53 Premier - 'ISWiAutomation15.dll' ActiveX Arbitrary File Overwrite

Exploitation Summary

Description

Exploits (1)

Details