Security testing of COM components has been a hot yet difficult field in recent years. There are only a few methods for detecting stack overflow vulnerabilities in a component. This paper presents a method for detecting stack overflow vulnerabilities in the binary code of a component. The method converts the buffer overflow problem into a problem of integer constraints. By scanning the different buffers according to the types of risk function parameters, it first establishes a library of all risk functions of the COM component, and then compares the used buffer size with the declared buffer size to identify stack overflow vulnerabilities. The experimental results show that the proposed method performs well at detecting stack overflow vulnerabilities in COM components.