The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
| Software | From | Fixed in |
|---|---|---|
| microsoft / internet_explorer | 4.0 | 4.0.x |
| microsoft / internet_explorer | 5.0 | 5.0.x |