Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2004-0216

Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.

  • Published: Nov 3, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-0216
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / ie 6-windows_server_2003_sp1 6-windows_server_2003_sp1.x
microsoft / internet_explorer 5.01 5.01.x
microsoft / internet_explorer 5.5 5.5.x