PT-2006-2053 · Microsoft · Internet Explorer 6.0+2

Published

2006-03-07

Updated

2021-07-23

CVE-2006-1016

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Internet Explorer 6.0 versions on Windows 2000 before SP4 and Windows XP before SP1

Description A buffer overflow issue exists in the IsComponentInstalled method, allowing remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.

Recommendations For Internet Explorer 6.0 on Windows 2000 before SP4 and Windows XP before SP1, consider applying the necessary service packs to update the operating system, which may include fixes for this issue. As a temporary workaround, consider disabling JavaScript in Internet Explorer until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1016

Affected Products

Internet Explorer 6.0

Windows 2000

Windows Xp

PT-2006-2053 · Microsoft · Internet Explorer 6.0+2

CVE-2006-1016

Related Identifiers

Affected Products

References · 7