IE v5.5,SP2 Install Engine Buffer OverflowID: oval:org.mitre.oval:def:6100 | Date: (C)2005-01-18 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.
Platform: |
Microsoft Windows ME |
Product: |
Microsoft Internet Explorer |