EIP-2026-119640

PRE-CVE

Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119640. PoCs published by Saif.

AI-analyzed exploit summary This exploit leverages a kernel pool overflow vulnerability (CVE-2016-3309) in the Windows GDI component to achieve local privilege escalation. It uses heap spraying and memory manipulation to corrupt kernel structures and escalate privileges.

Description

Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Saif · clocalwindows_x86-64

https://www.exploit-db.com/exploits/41020

View Code ZIP pw:eip

This exploit leverages a kernel pool overflow vulnerability (CVE-2016-3309) in the Windows GDI component to achieve local privilege escalation. It uses heap spraying and memory manipulation to corrupt kernel structures and escalate privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: Microsoft Windows (tested on Windows 8.1)

No auth needed

Prerequisites: Local access to the target system · Vulnerable Windows kernel version

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026