CVE-2004-0216

ms04-038.html

Severity Score

8.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.

Desbordamiento de búfer en el Motor de Instalación (inseng.dll) de Internet Explorer 5.01, 5.5 y 6 permite a atacantes remotos ejecutar código de su elección mediante un sitio web maliciosos o correo electrónico HTML.

Multiple Internet Explorer vulnerabilities have been patched by Microsoft. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2004-03-11 CVE Reserved
2004-10-16 CVE Published
2024-08-08 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (15)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=109760693512754&w=2	Mailing List
http://marc.info/?l=bugtraq&m=110616383332055&w=2	Mailing List
http://marc.info/?l=ntbugtraq&m=110619893620517&w=2	Mailing List
http://www.ngssoftware.com/advisories/msinsengfull.txt	X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/17620	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17651	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5316	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5329	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6100	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6600	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7717	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7865	Signature

URL	Date	SRC

URL	Date	SRC
http://www.kb.cert.org/vuls/id/637760	2021-07-23
http://www.us-cert.gov/cas/techalerts/TA04-293A.html	2021-07-23

URL	Date	SRC
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038	2021-07-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Ie Search vendor "Microsoft" for product "Ie"				6 Search vendor "Microsoft" for product "Ie" and version "6"		windows_server_2003_sp1		Affected
Microsoft Search vendor "Microsoft"		Internet Explorer Search vendor "Microsoft" for product "Internet Explorer"				5.01 Search vendor "Microsoft" for product "Internet Explorer" and version "5.01"		-		Affected
Microsoft Search vendor "Microsoft"		Internet Explorer Search vendor "Microsoft" for product "Internet Explorer"				5.5 Search vendor "Microsoft" for product "Internet Explorer" and version "5.5"		-		Affected