VULHUB ™

Microsoft offers Terminal Services client functionality over the web through the Terminal Services Advanced Client ActiveX control. It is an optional component that is installed by end-users. An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will be rendered in their browser, in the security context of the vulnerable site.

Microsoft offers Terminal Services client functionality over the web through the Terminal Services Advanced Client ActiveX control. It is an optional component that is installed by end-users. An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will be rendered in their browser, in the security context of the vulnerable site.