[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-0660

Date: (C)2008-02-07   (M)2017-10-04 


Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1019297
http://seclists.org/fulldisclosure/2008/Feb/0023.html
BID-27576
BID-27577
SECUNIA-28707
SECUNIA-28713
EXPLOIT-DB-5049
ADV-2008-0391
ADV-2008-0394
VU#776931
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483

CWE    1
CWE-119

© 2013 SecPod Technologies