Intrusion Prevention

MS.IE.Install.Engine.ActiveX.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in the Microsoft Internet Explorer Install Engine ActiveX control.
The vulnerability, located in the "inseng.dll" ActiveX control, can be exploited through misuse of the "SetCifFile" method. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the program, resulting in a denial-of-service condition.

Affected Products

Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.5 SP2
Microsoft Internet Explorer 5.5 SP1
Microsoft Internet Explorer 5.5
Avaya S8100 Media Servers
Avaya S3400 Message Application Server
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya IP600 Media Servers
Avaya DefinityOne Media Servers

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Microsoft Internet Explorer 6.0 SP1:

Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows 98, Windows NT and Wi
For Microsoft Windows 98, Windows 98 Second Edition, Windows ME, and Windows NT4 Server.
http://www.microsoft.com/downloads/details.aspx?FamilyId=DE8D94C4-7F58-4CE7-B8BD-51CFD795B03E&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows XP and Windows 2000 (
For Microsoft Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP, and Windows XP Service Pack 1.
http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1404E6-F5D4-4FED-9573-DD83F2DFF074&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB834707)
For Microsoft Windows XP SP1 64-bit.
http://www.microsoft.com/downloads/details.aspx?FamilyId=C05103E8-4402-4D54-BA03-FBBC24142E4D&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB834707)
For Microsoft Windows Server 2003 Family.
http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB834707)
For Microsoft Windows Server 2003 Family (64-bit).
http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en

Microsoft Internet Explorer 5.5 SP2:

Microsoft Cumulative Security Update for Internet Explorer 5.5 Service Pack 2 (KB834707) - English
For Microsoft Windows Millennium Edition.
http://www.microsoft.com/downloads/details.aspx?FamilyId=BE27F77C-3C2D-45F1-86DF-2B71799DA169&displaylang=en

Microsoft Internet Explorer 6.0:

Microsoft Cumulative Security Update for Internet Explorer 6 (KB834707)
For Windows XP.
http://www.microsoft.com/downloads/details.aspx?FamilyId=A89CFBE8-C299-415D-A9D6-7CC6429C547D&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB834707)
For Microsoft Windows Server 2003 Family.
http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en

Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB834707)
For Microsoft Windows Server 2003 Family (64-bit).
http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en

Microsoft Internet Explorer 5.0.1 SP3:

Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB834707)
For Windows 2000 Service Pack 3.
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D8E8E97-4946-4994-924B-1FB1DC1881BA&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4:

Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB834707)
For Windows 2000 Service Pack 4.
http://www.microsoft.com/downloads/details.aspx?FamilyId=72DBE239-AF0A-42B5-B88C-A00371F6EC81&displaylang=en

CVE References

CVE-2004-0216