MS.IE.Daxctle.OCX.Spline.Method.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a heap-based buffer-overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer which is caused by a Spline function call whose first argument specifies a large number of points.
Successful exploitation could allow remote attackers to execute arbitrary code within the context of the affected application.

affected-products-logoAffected Products

Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the web site:
http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-06-14 18.097 Sig Added