What is CVE-2006-1016?

CVE-2006-1016 is a vulnerability in N/a. Published 2006-03-07.

Is CVE-2006-1016 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-1016

Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled wi…

EPSS: 0.765 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

16870 (vdb-entry, x_refsource_BID)
ie-iscomponentinstalled-bo(24923) (vdb-entry, x_refsource_XF)
metasploit.com/projects/Framework/exploits.html (x_refsource_MISC)
www.metasploit.com/projects/Framework/modules/exploits/ie_iscomponentinstalled… (x_refsource_MISC)

Frequently asked questions

What is CVE-2006-1016?: CVE-2006-1016 is a vulnerability in N/a. Published 2006-03-07.
Is CVE-2006-1016 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.