A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote malicious users to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet information services - |