MS.IE.Daxctle.OCX.Spline.Method.Buffer.Overflow
Description
This indicates an attack attempt against a heap-based buffer-overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer which is caused by a Spline function call whose first argument specifies a large number of points.
Successful exploitation could allow remote attackers to execute arbitrary code within the context of the affected application.
Affected Products
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://www.microsoft.com/technet/security/bulletin/ms06-067.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-06-14 | 18.097 | Sig Added |