EIP-2026-119542

PRE-CVE

Microsoft Windows 7 SP1 (x86) - GDI Palette Objects Local Privilege Escalation (MS17-017)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119542. PoCs published by Saif.

AI-analyzed exploit summary This exploit leverages a GDI palette overflow vulnerability in Win32k to achieve local privilege escalation by manipulating kernel memory structures. It uses heap feng shui techniques to control memory layout and overwrites critical kernel structures to escalate privileges.

Description

Microsoft Windows 7 SP1 (x86) - GDI Palette Objects Local Privilege Escalation (MS17-017)

Exploits (1)

exploitdb WORKING POC

by Saif · c++localwindows_x86

https://www.exploit-db.com/exploits/42432

View Code ZIP pw:eip

This exploit leverages a GDI palette overflow vulnerability in Win32k to achieve local privilege escalation by manipulating kernel memory structures. It uses heap feng shui techniques to control memory layout and overwrites critical kernel structures to escalate privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Microsoft Windows (likely Windows 7 SP1 based on offsets)

No auth needed

Prerequisites: Local access to the target system · Ability to execute arbitrary code

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026