CVE-2006-1016

CVSS 7.5 - HIGH

Description

Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.

Affected Products

1

Vendor	Product	Version
microsoft	internet_explorer	`6.0`

References

http://metasploit.com/projects/Framework/exploits....

http://www.metasploit.com/projects/Framework/modul...

http://www.securityfocus.com/bid/16870

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

http://metasploit.com/projects/Framework/exploits....

http://www.metasploit.com/projects/Framework/modul...

http://www.securityfocus.com/bid/16870

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2006-1016
Published:: 2006-03-07
Modified:: 2026-04-16
CVSS Score:: 7.5
Severity:: HIGH
Vector:: AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Vendors

microsoft

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL