Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1016

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1016
Last Modified 05 Sep 2008 05:00:48
Published 06 Mar 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1016

Summary

Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.

Vulnerable Systems

Application

  • Microsoft Ie 6.0


References

XF - ie-iscomponentinstalled-bo(24923)

MISC - http://www.metasploit.com/projects/Framework/modules/exploits/ie_iscomponentinstalled.pm

MISC - http://metasploit.com/projects/Framework/exploits.html#ie_iscomponentinstalled

BID - 16870


Last Updated: 27 May 2016 10:41:53