EIP-2026-119292

PRE-CVE

Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119292. PoCs published by Houssamix.

AI-analyzed exploit summary This exploit leverages an ActiveX control vulnerability in Word Viewer OCX 3.2 to overwrite arbitrary files on the target system. The exploit uses the `Save` method of the vulnerable control to overwrite `system_.ini` when a user clicks a button in a malicious HTML page.

Description

Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite

Exploits (1)

exploitdb WORKING POC VERIFIED

by Houssamix · htmlremotewindows

https://www.exploit-db.com/exploits/7747

View Code ZIP pw:eip

This exploit leverages an ActiveX control vulnerability in Word Viewer OCX 3.2 to overwrite arbitrary files on the target system. The exploit uses the `Save` method of the vulnerable control to overwrite `system_.ini` when a user clicks a button in a malicious HTML page.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Word Viewer OCX V 3.2

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6 · Word Viewer OCX 3.2 must be installed on the target system

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026