Vulnerabilities > CVE-2006-1016 - Unspecified vulnerability in Microsoft Internet Explorer 6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description MS Internet Explorer 6.0 SP0 IsComponentInstalled() Remote Exploit. CVE-2006-1016. Remote exploit for windows platform id EDB-ID:1536 last seen 2016-01-31 modified 2006-02-28 published 2006-02-28 reporter H D Moore source https://www.exploit-db.com/download/1536/ title Microsoft Internet Explorer 6.0 SP0 IsComponentInstalled Remote Exploit description Internet Explorer isComponentInstalled Overflow. CVE-2006-1016. Remote exploit for windows platform id EDB-ID:16549 last seen 2016-02-02 modified 2010-05-09 published 2010-05-09 reporter metasploit source https://www.exploit-db.com/download/16549/ title Microsoft Internet Explorer - isComponentInstalled Overflow
Metasploit
description | This module exploits a stack buffer overflow in Internet Explorer. This bug was patched in Windows 2000 SP4 and Windows XP SP1 according to MSRC. |
id | MSF:EXPLOIT/WINDOWS/BROWSER/IE_ISCOMPONENTINSTALLED |
last seen | 2019-12-26 |
modified | 2017-07-24 |
published | 2006-12-17 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1016 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/ie_iscomponentinstalled.rb |
title | Microsoft Internet Explorer isComponentInstalled Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/83130/ie_iscomponentinstalled.rb.txt |
id | PACKETSTORM:83130 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | H D Moore |
source | https://packetstormsecurity.com/files/83130/Internet-Explorer-isComponentInstalled-Overflow.html |
title | Internet Explorer isComponentInstalled Overflow |
Saint
bid | 16870 |
description | Internet Explorer isComponentInstalled buffer overflow |
id | win_patch_ie_icibo |
osvdb | 31647 |
title | ie_iscomponentinstalled |
type | client |