SHARE
CORE IMPACT v9 - Exploits Update (Fri Sep 04 2009)
Microsoft MDAC RDS.Dataspace ActiveX Control Exploit
Exploits/Client Side [Windows]
• Fri Sep 04 2009
The RDS.Dataspace ActiveX control includes a method that can create an instance of an ActiveX control that exists on the system. The ActiveX objects created in this manner will bypass the ActiveX security model. In particular, the "safe for scripting" and killbit options are ignored. Note that in default configurations of Internet Explorer, the RDS.Dataspace ActiveX control cannot be loaded in the Internet Zone.
Exploits Vulnerabiltiy: CVE-2006-0003