Back to search
CVE-2006-4777
Published: Sep 14, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1016854
vdb-entry
x_refsource_SECTRACK
21910
third-party-advisory
x_refsource_SECUNIA
1577
third-party-advisory
x_refsource_SREASON
TA06-318A
third-party-advisory
x_refsource_CERT
http://www.microsoft.com/technet/security/advisory/925444.mspx
x_refsource_CONFIRM
ADV-2006-3593
vdb-entry
x_refsource_VUPEN
28842
vdb-entry
x_refsource_OSVDB
20060918 Re: IE ActiveX 0day?
mailing-list
x_refsource_BUGTRAQ
20060915 RE: IE ActiveX 0day?
mailing-list
x_refsource_BUGTRAQ
VU#377369
third-party-advisory
x_refsource_CERT-VN
ie-directanimation-code-execution(28942)
vdb-entry
x_refsource_XF
20047
vdb-entry
x_refsource_BID
20060915 Fwd: IE ActiveX 0day?
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1103
vdb-entry
signature
x_refsource_OVAL
MS06-067
vendor-advisory
x_refsource_MS
20060913 [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit
mailing-list
x_refsource_BUGTRAQ
20060915 Re: Fwd: IE ActiveX 0day?
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now