EIP-2026-119543

PRE-CVE

Microsoft Word 2007 (x86) - Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119543. PoCs published by Eduardo Braun Prado.

AI-analyzed exploit summary This exploit leverages the Microsoft Scriptlet Component ActiveX in MS Office Word to execute JavaScript, which then reads and discloses the contents of local files (e.g., WindowsUpdate.log) via an XMLHTTP request. It bypasses some IE security features by referencing the document itself as an HTML file.

Description

Microsoft Word 2007 (x86) - Information Disclosure

Exploits (1)

exploitdb WORKING POC

by Eduardo Braun Prado · textlocalwindows_x86

https://www.exploit-db.com/exploits/42930

View Code ZIP pw:eip

This exploit leverages the Microsoft Scriptlet Component ActiveX in MS Office Word to execute JavaScript, which then reads and discloses the contents of local files (e.g., WindowsUpdate.log) via an XMLHTTP request. It bypasses some IE security features by referencing the document itself as an HTML file.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Office Word 2007 (32-bit)

No auth needed

Prerequisites: Victim must open a malicious .WPS file downloaded from the internet · File must be marked as from the 'Internet Zone'

MITRE ATT&CK

T1213 - Data from Information Repositories T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026