IE IFRAME Buffer Overflow exploit v1.12 Vulnerability exploited: CAN-2004-1050 - BID-11515 Category: Exploits/Client Side This module will listen HTTP requests from vulnerable clients and install a Level0 agent on them. A vulnerability in Internet Explorer 6 is caused due to a boundary error in the handling of certain attributes ( "SRC" and "NAME" ) in the IFRAME HTML tag. This vulnerability is exploited by this module to install a level0 agent. Supported Systems: Windows 2000 Server - sp0 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Server - sp4 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp3 (i386) Windows 2000 Advanced Server - sp4 (i386) Windows 2000 Professional - sp0 (i386) Windows 2000 Professional - sp1 (i386) Windows 2000 Professional - sp2 (i386) Windows 2000 Professional - sp3 (i386) Windows 2000 Professional - sp4 (i386) Windows XP Professional - sp0 (i386) Windows XP Professional - sp1 (i386) Windows XP Home Edition - sp0 (i386) Windows XP Home Edition - sp1 (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.