CVE-2004-0216

Current Description

Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.

Basic Data

PublishedNovember 03, 2004
Last ModifiedOctober 12, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationMicrosoftIe5.01*******
    2.3ApplicationMicrosoftIe5.5*******
    2.3ApplicationMicrosoftIe6windows_server_2003_sp1******

Vulnerable Software List

VendorProductVersions
Microsoft Ie 5.01, 5.5, 6

References

NameSourceURLTags
20041012 Microsoft Internet Explorer Install Engine Control Buffer Overflowhttp://marc.info/?l=bugtraq&m=109760693512754&w=2BUGTRAQ
20050119 Microsoft Internet Explorer Install Engine Control Buffer Overflow (#NISR19012005a)http://marc.info/?l=bugtraq&m=110616383332055&w=2BUGTRAQ
20050119 Microsoft Internet Explorer Install Engine Control Buffer Overflow (#NISR19012005a)http://marc.info/?l=ntbugtraq&m=110619893620517&w=2NTBUGTRAQ
VU#637760http://www.kb.cert.org/vuls/id/637760CERT-VNPATCH Third Party Advisory US Government Resource
http://www.ngssoftware.com/advisories/msinsengfull.txthttp://www.ngssoftware.com/advisories/msinsengfull.txtMISC
TA04-293Ahttp://www.us-cert.gov/cas/techalerts/TA04-293A.htmlCERTPATCH Third Party Advisory US Government Resource
MS04-038https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038MS
ie-installenginectl-setciffile-bo(17620)https://exchange.xforce.ibmcloud.com/vulnerabilities/17620XF
ie-ms04038-patch(17651)https://exchange.xforce.ibmcloud.com/vulnerabilities/17651XF
oval:org.mitre.oval:def:5316https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5316OVAL
oval:org.mitre.oval:def:5329https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5329OVAL
oval:org.mitre.oval:def:6100https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6100OVAL
oval:org.mitre.oval:def:6600https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6600OVAL
oval:org.mitre.oval:def:7717https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7717OVAL
oval:org.mitre.oval:def:7865https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7865OVAL