ActiveX Control Vulnerability in Microsoft Log Sink Class Affects Internet Explorer
CVE-2005-0360

Currently unrated

Key Information:

Vendor: Microsoft
Status: Log Sink Class Activex Control
Vendor: CVE Published:; 5 July 2005

Summary

The Microsoft Log Sink Class ActiveX control, located in pkmcore.dll, is improperly marked as 'safe for scripting' in Internet Explorer. This designation allows attackers to execute scripts that can create or modify files on the targeted system, potentially leading to data breaches and unauthorized access. Users of affected versions are at risk, and it is recommended to apply security measures to mitigate these vulnerabilities.

References

http://www.kb.cert.org/vuls/id/165022

third-party-advisoryx_refsource_CERT-VN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 5, 2005