Arbitrary Code Execution via Shell Helper Objects in Microsoft Internet Explorer 5.5 and 6.0

Arbitrary Code Execution via Shell Helper Objects in Microsoft Internet Explorer 5.5 and 6.0

CVE-2004-2291 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.

Learn more about our Web Application Penetration Testing UK.