What is CVE-2004-0216?

CVE-2004-0216 is a vulnerability in N/a. Published 2004-10-16.

Is CVE-2004-0216 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0216

Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overf…

EPSS: 0.549 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

oval:org.mitre.oval:def:5316 (signature, x_refsource_OVAL, vdb-entry)
www.ngssoftware.com/advisories/msinsengfull.txt (x_refsource_MISC)
VU#637760 (x_refsource_CERT-VN, third-party-advisory)
MS04-038 (x_refsource_MS, vendor-advisory)
ie-installenginectl-setciffile-bo(17620) (vdb-entry, x_refsource_XF)
oval:org.mitre.oval:def:7865 (signature, x_refsource_OVAL, vdb-entry)
TA04-293A (x_refsource_CERT, third-party-advisory)
ie-ms04038-patch(17651) (vdb-entry, x_refsource_XF)
oval:org.mitre.oval:def:7717 (signature, x_refsource_OVAL, vdb-entry)
oval:org.mitre.oval:def:6100 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2004-0216?: CVE-2004-0216 is a vulnerability in N/a. Published 2004-10-16.
Is CVE-2004-0216 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.