Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability

Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability

Microsoft Internet Explorer is prone to a heap-based buffer-overflow vulnerability.

The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue is similar to, but separate from, the one described in BID 19738 (Microsoft Internet Explorer Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability).

Microsoft has released information stating that this issue is being exploited publicly in limited attacks.