There is a URL protocol handler command injection vulnerability in
Internet Explorer for Windows that allows you to execute shell commands
with arbitrary arguments. This vulnerability can be triggered without
user interaction simply by visiting a webpage.

When Internet Explorer encounters a refe...

[ more ]