CVE-2006-4446
published 2006-08-30CVE-2006-4446: Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a…
medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | ie | — | — |
| microsoft | ie | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvd7.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vulncheck5.0MEDIUM