Microsoft Internet Explorer "Scriptlet.typlib/Eyedog" Vulnerability Patch top
Size: 200 Kb
Date: September 1, 1999
Type of software: Freeware
Minimum requirements: Windows 95/98/NT.
Approx. download time: Less than 1min. at 28.8 kbps
Download from: Select a site
Microsoft Internet Explorer "Scriptlet.typlib/Eyedog" Vulnerability Patch is a patch that eliminates security vulnerabilities in two ActiveX controls that can be invoked by Internet Explorer.
The net effect of the vulnerabilities is that a Web page could take unauthorized action against a person who visited it. Specifically, the Web page would be able to do anything on the computer that the user could do.
This issue involves two ActiveX controls, Scriptlet.typlib and Eyedog. - Scriptlet.typlib is a control used by developers to generate Type Libraries for Windows Script Components. It is marked as "safe for scripting", but should not be because it allows local files to be created or modified. The patch removes the "safe for scripting" marking, thereby causing IE to request confirmation from the user before loading the control.
Eyedog is a control used by diagnostic software in Windows. It is marked as "safe for scripting", but should not be because it allows Registry information to be queried and machine characteristics to be gathered. In addition, one of the control's methods is vulnerable to a buffer overrun attack. The patch sets the so-called "kill bit", which prevents it from loading within IE.
More information:
Microsoft Internet Explorer "Scriptlet.typlib/Eyedog" Vulnerability Patch Home Page
