CVE-2006-1016: Buffer Overflow
First published: Tue Mar 07 2006(Updated: )
Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-1016?
CVE-2006-1016 is rated as having high severity due to its potential for arbitrary code execution.
How do I fix CVE-2006-1016?
To resolve CVE-2006-1016, users should upgrade to a newer version of Internet Explorer or apply the latest security patches provided by Microsoft.
What causes CVE-2006-1016?
CVE-2006-1016 is caused by a buffer overflow vulnerability in the IsComponentInstalled method of Internet Explorer 6.0.
Which versions of Internet Explorer are affected by CVE-2006-1016?
CVE-2006-1016 affects Internet Explorer 6.0 running on Windows 2000 before SP4 and Windows XP before SP1.
Can CVE-2006-1016 be exploited remotely?
Yes, CVE-2006-1016 can be exploited remotely using malicious JavaScript that manipulates the IsComponentInstalled method.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/6.0