EIP-2026-118829

PRE-CVE

Microsoft Internet Explorer 6 - IFRAME Status Bar URI Obfuscation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118829. PoCs published by Benjamin Tobias Franz.

AI-analyzed exploit summary This exploit demonstrates a URI obfuscation weakness in Microsoft Internet Explorer 6, allowing an attacker to display false information in the status bar. The PoC uses nested HTML frames to spoof the displayed URL, tricking users into believing they are visiting a trusted site.

Description

Microsoft Internet Explorer 6 - IFRAME Status Bar URI Obfuscation

Exploits (1)

exploitdb WORKING POC VERIFIED

by Benjamin Tobias Franz · textremotewindows

https://www.exploit-db.com/exploits/24720

View Code ZIP pw:eip

This exploit demonstrates a URI obfuscation weakness in Microsoft Internet Explorer 6, allowing an attacker to display false information in the status bar. The PoC uses nested HTML frames to spoof the displayed URL, tricking users into believing they are visiting a trusted site.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer 6

No auth needed

Prerequisites: User interaction (clicking a link) · Internet Explorer 6

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026