CVE-2006-4446 - CVE Reference - Advisories

CVE Reference: CVE-2006-4446

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4446

Description: Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28608 ST 1016764 SREASON http://securityreason.com/securityalert/1468 SAID Secunia Advisory: SA21910 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:437 OSVDB 28841 MS http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx MISC http://www.xsec.org/index.php?module=releases&act=view&type=1&id=19 CERT http://www.us-cert.gov/cas/techalerts/TA06-318A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/444504/100/0/threaded BID 19738

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Kostenloses Linkmanagements cript Multiple Vulnerabilities

2.	Model Search "cat" SQL Injection Vulnerability

3.	Drupal Site Documentation Module Information Disclosure

4.	W1L3D4 Philboard Multiple SQL Injection Vulnerabilities

5.	Oracle Application Server Portal Authentication Bypass

6.	Interspire ActiveKB Admin Interface Cookie Security Bypass

7.	Rantx "logininfo" Security Bypass Vulnerability

8.	Pet Grooming Management System "useradded.php" Security Bypass

9.	e107 BLOG Engine Plugin "rid" SQL Injection

10.	Linux Kernel Multiple Vulnerabilities