MS IE ActiveX Combined Component Attributes Vulnerability

info
discussion
exploit
solution
references

MS IE ActiveX Combined Component Attributes Vulnerability

If specific attributes are combined, it is possible for a malicious website to overflow an unchecked buffer in the code which initiates ActiveX components in IE, allowing arbitrary code to be run on a computer of a visiting user.