Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer安全漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 在动态的创建嵌入对象时,Internet Explorer返回IOleClientSite信息的方式存在漏洞,恶意网站可能利用此漏洞执行恶意代码或信息收集。 攻击者可以创建有动态创建对象的恶意Web页面,这个对象必须使用返回的IOleClientSite信息做出安全相关的决定。如果用户访问了恶意的站点的话就可能允许远程代码执行或信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A