Impact of vulnerability: Allow an attacker to execute commands on a user’s system. Maximum Severity Rating: Critical
Recommendation: Customers should install the patch immediately. [Technet]
Affected Software:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Download locations for this patch
To exploit the holes, an attacker would have to host a malicious web page aimed at this particular vulnerability and then persuade an IE user to visit that site. Once the user has visited the malicious web site, it would be possible for the attacker to run malicious script.