Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-10-16T04:00:00
Updated: 2018-10-12T19:57:01
Reserved: 2004-03-11T00:00:00
Link: CVE-2004-0216
JSON object: View
NVD Information
Status : Modified
Published: 2004-11-03T05:00:00.000
Modified: 2021-07-23T12:18:31.047
Link: CVE-2004-0216
JSON object: View
Redhat Information
No data.
CWE