Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4777

EPSS 87.57% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4777

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IE 'daxctle.ocx' 堆溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Internet Explorer是一款微软开发的非常流行的WEB浏览器。 Microsoft IE的daxctle.ocx ActiveX控件实现上存在堆溢出漏洞,远程攻击者可能利用此漏洞在在用户机器上执行任意指令。 Multimedia Controls ActiveX控件(daxctle.ocx)的CPathCtl::KeyFrame()函数存在溢出漏洞。如果HTML文档处理对ActiveX控件的KeyFrame()方式所传送的特制参数,则用户受骗访问了这样的恶意HTML文档就会导致执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4777

#POC DescriptionSource LinkShenlong Link
1malware del lado del cliente de explotacion de vulnerabilidad de internet explorer 6.0 SP1 en windows xp SP2. No requiere de consentimiento por parte del usuario y no descarga ningun archivohttps://github.com/Mario1234/js-driveby-download-CVE-2006-4777POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4777

Please Login to view more intelligence information

Same Patch Batch · n/a · 2006-09-14 · 37 CVEs total

CVE-2006-4724Adobe ColdFusion Flash Remoting Gateway 拒绝服务漏洞
CVE-2006-4783WebSPELL 'squads.php'SQL注入漏洞
CVE-2006-4784Moodle 多个跨站脚本攻击漏洞
CVE-2006-4785Moodle 'blog/edit.php'SQL注入漏洞
CVE-2006-4786Moodle 敏感信息泄露漏洞
CVE-2006-4787AlphaMail 敏感信息泄露漏洞
CVE-2006-4788Telekorn SignKorn Guestbook 'log.inc.php'PHP远程文件包含漏洞
CVE-2006-4789Open Movie Editor 缓冲区溢出漏洞
CVE-2006-3454Symantec AntiVirus 格式串处理漏洞
CVE-2006-4782WebSPELL 'Database.PHP'认证绕过漏洞
CVE-2006-4725Macromedia ColdFusion MX 绕过安全限制漏洞
CVE-2006-4726Adobe ColdFusion MX 跨站脚本攻击漏洞
CVE-2006-4771ForumJBC 'haut.php'跨站脚本攻击漏洞
CVE-2006-4772HotPlug CMS 访问控制漏洞
CVE-2006-4773Sun StorEdge 6130数组控制器拒绝服务漏洞
CVE-2006-4774Cisco IOS多个VLAN中继协议实现安全漏洞
CVE-2006-4775Cisco IOS多个VLAN中继协议实现安全漏洞
CVE-2006-4776Cisco IOS 多个VLAN中继协议实现安全漏洞
CVE-2006-4796Snitz Forums 2000 'forum.asp'跨站脚本攻击漏洞
CVE-2006-4800Ffmpeg 多个缓冲区溢出漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4777

No comments yet

Leave a comment