CVE-2006-4777

CVE Database · CVE-2006-4777

CVE-2006-4777

· N/AModified

CVSS v3.1

N/A

EPSS

78.75%

Published

Sep 13, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (3)

All weaponized →

Exploit-DBMicrosoft Internet Explorer - COM Object Remote Heap Overflow Exploit-DBMicrosoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (MS06-067) (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.

Weaknesses (CWE)

CWE-119

Affected Products (1)

microsoft · ievulnerable

References (20)

http://secunia.com/advisories/21910

Vendor Advisory

http://securityreason.com/securityalert/1577

http://securitytracker.com/id?1016854

http://www.kb.cert.org/vuls/id/377369

US Government Resource

http://www.microsoft.com/technet/security/advisory/925444.mspx

http://www.osvdb.org/28842

http://www.securityfocus.com/archive/1/445898/100/0/threaded

http://www.securityfocus.com/archive/1/446065/100/0/threaded

http://www.securityfocus.com/archive/1/446084/100/0/threaded

http://www.securityfocus.com/archive/1/446085/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs