Microsoft Internet Explorer Install Engine ActiveX Control Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Microsoft Internet Explorer Install Engine ActiveX Control Buffer Overflow Vulnerability

A remotely exploitable buffer overflow vulnerability exists in the Microsoft Internet Explorer Install Engine ActiveX control. This vulnerability is caused by insufficient bounds checking of arguments passed to the control leading to a heap overflow.

The vulnerability may be exploited to execute arbitrary code in the context of the client user.