2000-02-23 05:00:00
mitre
PUBLISHED
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the softwares manufacturer is Microsoft.