ID CVE-2006-1016
Summary Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.
References
Vulnerable Configurations
  • Microsoft Internet Explorer 6.0
    cpe:2.3:a:microsoft:ie:6.0
CVSS
Base: 7.5 (as of 07-03-2006 - 11:34)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
  • description MS Internet Explorer 6.0 SP0 IsComponentInstalled() Remote Exploit. CVE-2006-1016. Remote exploit for windows platform
    id EDB-ID:1536
    last seen 2016-01-31
    modified 2006-02-28
    published 2006-02-28
    reporter H D Moore
    source https://www.exploit-db.com/download/1536/
    title Microsoft Internet Explorer 6.0 SP0 IsComponentInstalled Remote Exploit
  • description Internet Explorer isComponentInstalled Overflow. CVE-2006-1016. Remote exploit for windows platform
    id EDB-ID:16549
    last seen 2016-02-02
    modified 2010-05-09
    published 2010-05-09
    reporter metasploit
    source https://www.exploit-db.com/download/16549/
    title Microsoft Internet Explorer - isComponentInstalled Overflow
metasploit via4
description This module exploits a stack buffer overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC.
id MSF:EXPLOIT/WINDOWS/BROWSER/IE_ISCOMPONENTINSTALLED
last seen 2019-03-10
modified 2017-07-24
published 2006-12-17
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_iscomponentinstalled.rb
title Microsoft Internet Explorer isComponentInstalled Overflow
packetstorm via4
data source https://packetstormsecurity.com/files/download/83130/ie_iscomponentinstalled.rb.txt
id PACKETSTORM:83130
last seen 2016-12-05
published 2009-11-26
reporter H D Moore
source https://packetstormsecurity.com/files/83130/Internet-Explorer-isComponentInstalled-Overflow.html
title Internet Explorer isComponentInstalled Overflow
refmap via4
bid 16870
misc
xf ie-iscomponentinstalled-bo(24923)
saint via4
bid 16870
description Internet Explorer isComponentInstalled buffer overflow
id win_patch_ie_icibo
osvdb 31647
title ie_iscomponentinstalled
type client
Last major update 05-09-2008 - 17:00
Published 06-03-2006 - 19:02
Last modified 19-07-2017 - 21:30
Back to Top