Which attack vector lures victims via email or a link to trigger remote code execution and obtain privileges equal to those of authorized users?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which attack vector lures victims via email or a link to trigger remote code execution and obtain privileges equal to those of authorized users?

Explanation:
ActiveX attacks rely on a malicious ActiveX control being delivered to a target and executed in the user’s browser. When a user is lured via email or a link to load or run this control, the code executes on the local machine with the same privileges as the logged-in user, giving the attacker remote code execution and access corresponding to authorized rights. This exactly matches the scenario of triggering code execution through a user-clicked action and gaining that user’s privileges. The other options don’t fit: frame injection focuses on manipulating framed content on a page rather than running a payload with user rights; SOAPAction is just a SOAP header with no inherent payload execution; WS-Attacker relates to web service tooling rather than a client-side drive-by that executes code via email-linked content.

