5

CVE-2006-4446

Exploit
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftIe Version6.0 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 60.33% 0.99
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
US Government Resource
http://secunia.com/advisories/21910
http://securityreason.com/securityalert/1468
http://securitytracker.com/id?1016764
http://www.osvdb.org/28841
http://www.securityfocus.com/archive/1/444504/100/0/threaded
http://www.securityfocus.com/bid/19738
Exploit
http://www.xsec.org/index.php?module=releases&act=view&type=1&id=19
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067
https://exchange.xforce.ibmcloud.com/vulnerabilities/28608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A437