Microsoft Internet Explorer 5.0.1 Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19738/info Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls. An...

Internet Explorer daxctle.ocx KeyFrame Method Memory Corruption (MS06-067; CVE-2006-4777)

Microsoft Internet Explorer IE is a web browser application that is capable rendering both static and dynamic contents. The application supports the ActiveX technology, which is a feature extension framework. IE is installed with a set of ActiveX controls including the DirectAnimation package...

Microsoft IE daxctle.ocx KeyFrame方法堆溢出漏洞（MS06-067）

Internet Explorer是一款微软开发的非常流行的WEB浏览器。 Microsoft IE的daxctle.ocx ActiveX控件实现上存在堆溢出漏洞，远程攻击者可能利用此漏洞在在用户机器上执行任意指令。 Multimedia Controls ActiveX控件（daxctle.ocx）的CPathCtl::KeyFrame函数存在溢出漏洞。如果HTML文档处理对ActiveX控件的KeyFrame方式所传送的特制参数，则用户受骗访问了这样的恶意HTML文档就会导致执行任意代码。 Microsoft Internet Explorer 6.0 SP1 Microsoft...

CVE-2006-5884

Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to 1 Danim.dll and 2 Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777...

CVE-2006-5884

Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to 1 Danim.dll and 2 Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777...

CVE-2006-5884

CVE-2006-4777 corresponds to a DirectAnimation ActiveX vulnerability (Daxctle.ocx, KeyFrame method) in Internet Explorer 5.01–6 that enables memory corruption/heap overflow, with exploits referenced by Metasploit module ms06_067_keyframe and multiple sightings (CIRCL, exploit-db). Public material...

VulnCheck KEV: CVE-2006-4446

Heap-based buffer overflow in DirectAnimation.PathControl COM object daxctle.ocx in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points...

VulnCheck KEV: CVE-2006-4777

Heap-based buffer overflow in the DirectAnimation Path Control DirectAnimation.PathControl COM object daxctle.ocx for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the...

Microsoft DirectAnimation Path ActiveX control Spline method integer overflow

Overview A vulnerability in the Microsoft DirectAnimation ActiveX controls may allow a remote attacker to execute arbitrary code on an affected system. Description Microsoft's DirectAnimation is a suite of development functionality, predating Microsoft DirectX, that provides animation support for...

Update Protection against Microsoft Internet Explorer DirectAnimation Path (daxctle.ocx) Vulnerabilities (MS06-067)

Microsoft Internet Explorer IE contains heap overflow vulnerabilities. The vulnerabilities exist in Microsoft DirectAnimation Path ActiveX Control DirectAnimation.PathControl that is included in the COM object daxctle.ocx. DirectAnimation is a component of the DirectX family of APIs that provide...

Microsoft DirectAnimation Path ActiveX control fails to validate input

Overview The Microsoft DirectAnimation Path ActiveX control fails to properly validate input. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Microsoft DirectAnimation Path object is an ActiveX control that is used to move object...

CVE-2006-4777

Heap-based buffer overflow in the DirectAnimation Path Control DirectAnimation.PathControl COM object daxctle.ocx for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the...

CVE-2006-4777

Heap-based buffer overflow in the DirectAnimation Path Control DirectAnimation.PathControl COM object daxctle.ocx for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the...

CVE-2006-4777

CVE-2006-4777 corresponds to a heap-based buffer/memory corruption in the DirectAnimation PathControl (daxctle.ocx) KeyFrame method used by Internet Explorer 6.0 SP1 on certain Windows distributions. Public sources describe an integer overflow/ improper argument handling that can allow a remote a...

CVE-2006-4446

DirectAnimation PathControl (daxctle.ocx) in Internet Explorer 6.0 SP1 is affected by a heap-based buffer overflow (CVE-2006-4446) that can enable remote code execution. The vulnerability arises from handling an overly large argument to the Spline/PathControl methods, potentially allowing an atta...

Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow

Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow source: https://www.securityfocus.com/bid/19738/info Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate...

Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow

source: https://www.securityfocus.com/bid/19738/info Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls. An attacker can exploit this issue to...

CVE-2006-3513

danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service application crash by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference...

CVE-2006-3513

danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service application crash by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference...