MS.IE.IsComponentInstalled.Method.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a buffer overflow vulnerability in the "IsComponentInstalled" method in Internet Explorer.
The vulnerability is caused by insufficient checks of parameters when the vulnerable software handles a call to "IsComponentInstalled" with a long first parameter. It allows a remote attacker to execute arbitrary code.

affected-products-logoAffected Products

Internet Explorer 6.0 on Windows 2000 pre-SP4 or Windows XP pre-SP1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to Windows 2000 SP4 or Windows XP SP1.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-14 16.943 Name:MS.
Windows.
XP.
IE.
IsComponentInstalled.
Overflow:MS.
IE.
IsComponentInstalled.
Method.
Buffer.
Overflow