EIP-2026-118840

PRE-CVE

Microsoft Internet Explorer 6 - URI Handler Restriction Circumvention

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118840. PoCs published by Thor Larholm.

AI-analyzed exploit summary This writeup describes a bypass for Microsoft Windows Internet Explorer 6.0 SP1 URI handler restrictions using HTTP redirects. It explains how an attacker can use an <object> tag to trigger a redirect to a restricted URI (e.g., file:// or res://), circumventing security measures.

Description

Microsoft Internet Explorer 6 - URI Handler Restriction Circumvention

Exploits (1)

exploitdb WRITEUP VERIFIED

by Thor Larholm · textremotewindows

https://www.exploit-db.com/exploits/21803

View Code ZIP pw:eip

This writeup describes a bypass for Microsoft Windows Internet Explorer 6.0 SP1 URI handler restrictions using HTTP redirects. It explains how an attacker can use an <object> tag to trigger a redirect to a restricted URI (e.g., file:// or res://), circumventing security measures.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Windows Internet Explorer 6.0 SP1

No auth needed

Prerequisites: Victim must be using Internet Explorer 6.0 SP1 · Attacker must host a malicious webpage with the exploit code

MITRE ATT&CK

T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026