The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the softwares manufacturer is Microsoft.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Outlook | Microsoft | * | * |
Internet_explorer | Microsoft | 5 | 5 |
Ie | Microsoft | 4.x | 4.x |