Unrated severityNVD Advisory· Published Nov 3, 2004· Updated Jun 16, 2026
CVE-2004-0216
CVE-2004-0216
Description
Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- (no CPE)range: <=6
Patches
Vulnerability mechanics
References
15- www.kb.cert.org/vuls/id/637760nvdPatchThird Party AdvisoryUS Government Resource
- www.us-cert.gov/cas/techalerts/TA04-293A.htmlnvdPatchThird Party AdvisoryUS Government Resource
- marc.infonvd
- marc.infonvd
- marc.infonvd
- www.ngssoftware.com/advisories/msinsengfull.txtnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17620nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17651nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5316nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5329nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6100nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6600nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7717nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7865nvd
News mentions
0No linked articles in our index yet.