Microsoft Internet Explorer DHTML Edit and Help ActiveX crossite scripting

2005-02-09T00:00:00
ID SECURITYVULNS:VULN:4264
Type securityvulns
Reporter BUGTRAQ
Modified 2005-02-09T00:00:00

Description

DHTML ActiveX and Help allows code injection into context of different server. By combining this vulnerability it's psosible to execute code in local machine zone. This vulnerability can potentially be used for silent spyware/adware installation.