Loading
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
Use CWE-119, Microsoft vendor hub and Ie product page to widen CVE-2006-4777 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2009-0552, CVE-2012-1545 and CVE-2009-2069 for nearby disclosures in the same product family. Additional editorial context is available in Weekly Security Roundup: Navigating the April 2026 Threat Landscape and Critical Framework Exploits.