EIP-2026-118781

PRE-CVE

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118781. PoCs published by Alexander Klink.

AI-analyzed exploit summary This is a technical writeup describing an information disclosure vulnerability in Microsoft's Crypto API, where X.509 certificate validation triggers arbitrary HTTP requests. The issue affects Microsoft Outlook 2007, Windows Live Mail 2008, and Office 2007, potentially enabling port scanning or tracking document reads.

Description

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by Alexander Klink · textremotewindows

https://www.exploit-db.com/exploits/31583

View Code ZIP pw:eip

This is a technical writeup describing an information disclosure vulnerability in Microsoft's Crypto API, where X.509 certificate validation triggers arbitrary HTTP requests. The issue affects Microsoft Outlook 2007, Windows Live Mail 2008, and Office 2007, potentially enabling port scanning or tracking document reads.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Crypto API (Outlook 2007, Windows Live Mail 2008, Office 2007)

No auth needed

Prerequisites: Victim interaction with a crafted X.509 certificate

MITRE ATT&CK

T1040 - Network Sniffing T1201 - Password Policy Discovery

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026