EIP-2026-118817

PRE-CVE

Microsoft Internet Explorer 5.5 - 'Index.dat' (MS00-055)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118817. PoCs published by Georgi Guninski.

AI-analyzed exploit summary This exploit leverages a vulnerability in Internet Explorer 5.5 where arbitrary code can be injected into the trusted index.dat file via URL scripting commands. The PoC uses an OBJECT tag to force IE to render the non-HTML index.dat file as HTML, potentially executing malicious code.

Description

Microsoft Internet Explorer 5.5 - 'Index.dat' (MS00-055)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Georgi Guninski · htmlremotewindows

https://www.exploit-db.com/exploits/20426

View Code ZIP pw:eip

This exploit leverages a vulnerability in Internet Explorer 5.5 where arbitrary code can be injected into the trusted index.dat file via URL scripting commands. The PoC uses an OBJECT tag to force IE to render the non-HTML index.dat file as HTML, potentially executing malicious code.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Internet Explorer 5.5

No auth needed

Prerequisites: Victim must visit a malicious webpage · Index.dat file must be accessible at the expected path

MITRE ATT&CK

T1189 - Drive-by Compromise T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026