CVE-2006-1016 Information

Description

Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0 when used on Windows 2000 before SP4 or Windows XP before SP1 allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.

Reference

http://metasploit.com/projects/Framework/exploits.htmlie_iscomponentinstalled http://www.metasploit.com/projects/Framework/modules/exploits/ie_iscomponentinstalled.pm http://www.securityfocus.com/bid/16870 https://exchange.xforce.ibmcloud.com/vulnerabilities/24923