It allows arbitrary code to be run on the affected computer, just by accessing a malicious web site or opening an email message in HTML format.

Windows 2003/XP/2000/NT/ME/98/95

CodeBase.A is a piece of code included in the body of an email message or a web page in order to exploit two vulnerabilities in the browser Internet Explorer. Affected software is Internet Explorer v4.0 or later, and programs that use this browser internally to perform some operations, such as Outlook and Outlook Express.

Exploited vulnerabilities are Browser Cache Script Execution in My Computer Zone and Object Tag. They allow an attacking user to run arbitrary code on the affected computer without the user's permission when accessing a malicious web site or opening a specially crafted email message in HTML format.

The arbitrary code is usually embedded in the web site or the received email message, and could be of any nature: viruses, worms, Trojans, backdoors, etc.

If your computer has Internet Explorer v4.0 or later installed, it is highly recommendable to download the security patch from Microsoft's website. Click here to access the web page for further information and downloading the patch.