CVE-2006-4446

EXPLOITED

Microsoft IE - Buffer Overflow

Title source: rule

Description

Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.

Exploits (1)

exploitdb WORKING POC VERIFIED

by XSec · htmlremotewindows

https://www.exploit-db.com/exploits/28438

View Code ZIP pw:eip

References (11)

[Exploit] http://www.securityfocus.com/bid/19738

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA06-318A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067

[Various Sources] http://www.xsec.org/index.php?module=releases&act=view&type=1&id=19

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/444504/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28608

[Third Party Advisory, VDB Entry] http://www.osvdb.org/28841

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A437

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1016764

[Third Party Advisory] http://secunia.com/advisories/21910

[Third Party Advisory] http://securityreason.com/securityalert/1468

Scores

EPSS 0.7608

EPSS Percentile 98.9%

Details

VulnCheck KEV 2006-11-14

Status published

Products (1)

microsoft/ie 6.0 sp1

Published Aug 30, 2006

Tracked Since Feb 18, 2026