A new Internet Explorer bug was published on Monday. It’s been given a CVE (2006-4446) and affects IE 6.0 SP1. It’s worth considering alternative browsers. Details from bugtraq indicate that it’s a buffer overflow in the DirectAnimation.PathControl COM Object(daxctle.ocx)… could cause DoS and possibly remote code execution.
Tag: CVE
-
3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released
Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch… Sans has a good writeup (7 CVE issues addressed by this 1 patch….) Also the Eolas ActiveX settlement (“Eolas Patent Patch”) solution seems to be included in this bundle. Also a MDAC and a Windows Explorer (not to be confused with the Internet Explorer) patch. (The Windows Explorer AND MDAC bugs are Remote code execution vulnerabilities…)