Microsoft Internet Explorer IsComponentInstalled Buffer Overflow Vulnerability

Microsoft Internet Explorer IsComponentInstalled Buffer Overflow Vulnerability

Microsoft Internet Explorer is prone to a remote buffer-overflow vulnerability in the 'IsComponentInstalled()' method. A successful exploit results in arbitrary code execution in the context of the user running the browser.

This issue was reportedly addressed in Windows 2000 SP4 and Windows XP SP1, but this has not been confirmed.

Internet Explorer 6 is vulnerable to this issue; earlier versions may also be affected.