Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote malicious users to execute arbitrary code via a crafted COM object from chtskdic.dll.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet_explorer 5.0.1 |
||
microsoft ie 6.0 |
||
microsoft internet_explorer 6.0 |
||
microsoft internet_explorer 7.0 |