The RDS.Dataspace ActiveX control includes a method that can create an instance of an ActiveX control that exists on the system. The ActiveX objects created in this manner will bypass the ActiveX security model. In particular, the "safe for scripting" and killbit options are ignored. Note that in default configurations of Internet Explorer, the RDS.Dataspace ActiveX control cannot be loaded in the Internet Zone.
CVE Link
Exploit Type - Old
Exploits/Client Side
Exploit Platform
Exploit Type
Product Name