IE v5.01,SP3 Install Engine Buffer OverflowID: oval:org.mitre.oval:def:7865 | Date: (C)2004-10-25 (M)2021-07-27 |
Class: VULNERABILITY | Family: windows |
Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.
Platform: |
Microsoft Windows 2000 |
Product: |
Microsoft Internet Explorer |