ID |
CVE-2006-1016
|
Summary |
Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 23-07-2021 - 12:55) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 16870 | misc | | xf | ie-iscomponentinstalled-bo(24923) |
|
saint
via4
|
bid | 16870 | description | Internet Explorer isComponentInstalled buffer overflow | id | win_patch_ie_icibo | osvdb | 31647 | title | ie_iscomponentinstalled | type | client |
|
Last major update |
23-07-2021 - 12:55 |
Published |
07-03-2006 - 00:02 |
Last modified |
23-07-2021 - 12:55 |