The host is installed with scripting engines and is prone to information disclosure vulnerability. A flaw is present in JScript 5.8 and VBScript 5.8 scripting engines, which fails to properly load decoded scripts obtained from web pages. Successful exploitation could allow remote attackers to redirect a user to the attacker's web site.