CVE-2006-4777

This is a Metasploit module exploiting a heap overflow vulnerability in the KeyFrame method of the DirectAnimation.PathControl ActiveX control (CVE-2006-4777). It uses heap spraying and JavaScript obfuscation to achieve remote code execution on vulnerable Windows systems.

This exploit targets a heap overflow vulnerability in Internet Explorer's DirectAnimation.PathControl COM object (CVE-2006-4777). It generates an HTML file with malicious JavaScript that triggers the overflow and executes shellcode to download and run an arbitrary executable from a specified URL.

This repository contains a functional JavaScript exploit for CVE-2006-4777, targeting Internet Explorer 6.0 SP1 on Windows XP SP2. The exploit leverages heap spraying and memory corruption to achieve fileless, drive-by RCE without user consent.

This Metasploit module exploits a heap overflow vulnerability in the KeyFrame method of the DirectAnimation.PathControl ActiveX control (CVE-2006-4777). It uses heap spraying and JavaScript obfuscation to achieve remote code execution on vulnerable Windows systems.