|
|
CVE Reference: CVE-2006-4446 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4446 |
|
|
Description: Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28608 ST 1016764 SREASON http://securityreason.com/securityalert/1468 SAID Secunia Advisory: SA21910 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:437 OSVDB 28841 MS http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx MISC http://www.xsec.org/index.php?module=releases&act=view&type=1&id=19 CERT http://www.us-cert.gov/cas/techalerts/TA06-318A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/444504/100/0/threaded BID 19738 |
|
| Return to the previous page. |
