EIP-2026-118798

PRE-CVE

Microsoft Internet Explorer (Windows XP SP1) - 'VML' Remote Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118798. PoCs published by Trirat Puttaraksa.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in Microsoft Internet Explorer's VML (Vector Markup Language) rendering engine. It uses heap spraying to inject shellcode and achieve remote code execution on vulnerable systems (Windows XP SP0-SP1 and Windows 2000 SP4).

Description

Microsoft Internet Explorer (Windows XP SP1) - 'VML' Remote Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by Trirat Puttaraksa · perlremotewindows

https://www.exploit-db.com/exploits/2408

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in Microsoft Internet Explorer's VML (Vector Markup Language) rendering engine. It uses heap spraying to inject shellcode and achieve remote code execution on vulnerable systems (Windows XP SP0-SP1 and Windows 2000 SP4).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Internet Explorer 6 (Windows XP SP0-SP1, Windows 2000 SP4)

No auth needed

Prerequisites: Vulnerable version of Internet Explorer · Target system must be running Windows XP SP0-SP1 or Windows 2000 SP4

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026