The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.
From 神龙GPT (AIGC)
"pkmcore.dll中的Microsoft Log Sink Class ActiveX控制被标记为“安全用于脚本”的Internet Explorer版本,这允许远程攻击者创建或附加到任意文件。"