Arbitrary File Creation Vulnerability in Microsoft Log Sink Class ActiveX Control

Arbitrary File Creation Vulnerability in Microsoft Log Sink Class ActiveX Control

CVE-2005-0360 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.

Learn more about our Web Application Penetration Testing UK.