Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.
| Software | From | Fixed in |
|---|---|---|
| microsoft / ie | 6-windows_server_2003_sp1 | 6-windows_server_2003_sp1.x |
| microsoft / internet_explorer | 5.01 | 5.01.x |
| microsoft / internet_explorer | 5.5 | 5.5.x |