Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for image_uploader_activex_control by aurigma

    CVE-2008-1490 (GCVE-0-2008-1490)

    Vulnerability from nvd – Published: 2008-03-25 19:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/28354 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=120605071403813&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/29445 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.155Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28354"
              },
              {
                "name": "aurigma-imageuploader41-bo(40152)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
              },
              {
                "name": "20080320 Pizco vulnerable to buffer overflow in activex",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
              },
              {
                "name": "29445",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29445"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28354",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28354"
            },
            {
              "name": "aurigma-imageuploader41-bo(40152)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
            },
            {
              "name": "20080320 Pizco vulnerable to buffer overflow in activex",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
            },
            {
              "name": "29445",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29445"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1490",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28354",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28354"
                },
                {
                  "name": "aurigma-imageuploader41-bo(40152)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
                },
                {
                  "name": "20080320 Pizco vulnerable to buffer overflow in activex",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
                },
                {
                  "name": "29445",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29445"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1490",
        "datePublished": "2008-03-25T19:00:00.000Z",
        "dateReserved": "2008-03-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.155Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0659 (GCVE-0-2008-0659)

    Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/28733 third-party-advisoryx_refsource_SECUNIA
    http://blogs.aurigma.com/post/2008/01/Another-sec… x_refsource_CONFIRM
    http://secunia.com/advisories/28715 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/27533 vdb-entryx_refsource_BID
    http://seclists.org/fulldisclosure/2008/Jan/0593.html mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2008/0345… vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2008/0344… vdb-entryx_refsource_VUPEN
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    https://www.exploit-db.com/exploits/5025 exploitx_refsource_EXPLOIT-DB
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28733",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28733"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
              },
              {
                "name": "28715",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28715"
              },
              {
                "name": "27533",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27533"
              },
              {
                "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
              },
              {
                "name": "myspace-myspaceuploader-bo(40118)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
              },
              {
                "name": "ADV-2008-0345",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0345/references"
              },
              {
                "name": "ADV-2008-0344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0344/references"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "name": "5025",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5025"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28733",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28733"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
            },
            {
              "name": "28715",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28715"
            },
            {
              "name": "27533",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27533"
            },
            {
              "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
            },
            {
              "name": "myspace-myspaceuploader-bo(40118)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
            },
            {
              "name": "ADV-2008-0345",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0345/references"
            },
            {
              "name": "ADV-2008-0344",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0344/references"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "name": "5025",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5025"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0659",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28733",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28733"
                },
                {
                  "name": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx",
                  "refsource": "CONFIRM",
                  "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
                },
                {
                  "name": "28715",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28715"
                },
                {
                  "name": "27533",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27533"
                },
                {
                  "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
                },
                {
                  "name": "myspace-myspaceuploader-bo(40118)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
                },
                {
                  "name": "ADV-2008-0345",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0345/references"
                },
                {
                  "name": "ADV-2008-0344",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0344/references"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "5025",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5025"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0659",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0660 (GCVE-0-2008-0660)

    Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2008/Feb/0023.html mailing-listx_refsource_FULLDISC
    http://www.vupen.com/english/advisories/2008/0394… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/27576 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28707 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/0391… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28713 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/5049 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27577 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1019297 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
              },
              {
                "name": "ADV-2008-0394",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0394/references"
              },
              {
                "name": "27576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27576"
              },
              {
                "name": "28707",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28707"
              },
              {
                "name": "ADV-2008-0391",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0391/references"
              },
              {
                "name": "28713",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28713"
              },
              {
                "name": "5049",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5049"
              },
              {
                "name": "27577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27577"
              },
              {
                "name": "1019297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019297"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
            },
            {
              "name": "ADV-2008-0394",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0394/references"
            },
            {
              "name": "27576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27576"
            },
            {
              "name": "28707",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28707"
            },
            {
              "name": "ADV-2008-0391",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0391/references"
            },
            {
              "name": "28713",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28713"
            },
            {
              "name": "5049",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5049"
            },
            {
              "name": "27577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27577"
            },
            {
              "name": "1019297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019297"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
                },
                {
                  "name": "ADV-2008-0394",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0394/references"
                },
                {
                  "name": "27576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27576"
                },
                {
                  "name": "28707",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28707"
                },
                {
                  "name": "ADV-2008-0391",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0391/references"
                },
                {
                  "name": "28713",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28713"
                },
                {
                  "name": "5049",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5049"
                },
                {
                  "name": "27577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27577"
                },
                {
                  "name": "1019297",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019297"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0660",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1490 (GCVE-0-2008-1490)

    Vulnerability from cvelistv5 – Published: 2008-03-25 19:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/28354 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=120605071403813&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/29445 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.155Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28354"
              },
              {
                "name": "aurigma-imageuploader41-bo(40152)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
              },
              {
                "name": "20080320 Pizco vulnerable to buffer overflow in activex",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
              },
              {
                "name": "29445",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29445"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28354",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28354"
            },
            {
              "name": "aurigma-imageuploader41-bo(40152)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
            },
            {
              "name": "20080320 Pizco vulnerable to buffer overflow in activex",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
            },
            {
              "name": "29445",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29445"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1490",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28354",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28354"
                },
                {
                  "name": "aurigma-imageuploader41-bo(40152)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
                },
                {
                  "name": "20080320 Pizco vulnerable to buffer overflow in activex",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
                },
                {
                  "name": "29445",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29445"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1490",
        "datePublished": "2008-03-25T19:00:00.000Z",
        "dateReserved": "2008-03-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.155Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0659 (GCVE-0-2008-0659)

    Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/28733 third-party-advisoryx_refsource_SECUNIA
    http://blogs.aurigma.com/post/2008/01/Another-sec… x_refsource_CONFIRM
    http://secunia.com/advisories/28715 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/27533 vdb-entryx_refsource_BID
    http://seclists.org/fulldisclosure/2008/Jan/0593.html mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2008/0345… vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2008/0344… vdb-entryx_refsource_VUPEN
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    https://www.exploit-db.com/exploits/5025 exploitx_refsource_EXPLOIT-DB
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28733",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28733"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
              },
              {
                "name": "28715",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28715"
              },
              {
                "name": "27533",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27533"
              },
              {
                "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
              },
              {
                "name": "myspace-myspaceuploader-bo(40118)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
              },
              {
                "name": "ADV-2008-0345",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0345/references"
              },
              {
                "name": "ADV-2008-0344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0344/references"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "name": "5025",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5025"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28733",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28733"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
            },
            {
              "name": "28715",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28715"
            },
            {
              "name": "27533",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27533"
            },
            {
              "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
            },
            {
              "name": "myspace-myspaceuploader-bo(40118)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
            },
            {
              "name": "ADV-2008-0345",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0345/references"
            },
            {
              "name": "ADV-2008-0344",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0344/references"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "name": "5025",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5025"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0659",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28733",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28733"
                },
                {
                  "name": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx",
                  "refsource": "CONFIRM",
                  "url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
                },
                {
                  "name": "28715",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28715"
                },
                {
                  "name": "27533",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27533"
                },
                {
                  "name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
                },
                {
                  "name": "myspace-myspaceuploader-bo(40118)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
                },
                {
                  "name": "ADV-2008-0345",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0345/references"
                },
                {
                  "name": "ADV-2008-0344",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0344/references"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "5025",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5025"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0659",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0660 (GCVE-0-2008-0660)

    Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2008/Feb/0023.html mailing-listx_refsource_FULLDISC
    http://www.vupen.com/english/advisories/2008/0394… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/27576 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28707 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/0391… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28713 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/5049 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27577 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1019297 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
              },
              {
                "name": "ADV-2008-0394",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0394/references"
              },
              {
                "name": "27576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27576"
              },
              {
                "name": "28707",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28707"
              },
              {
                "name": "ADV-2008-0391",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0391/references"
              },
              {
                "name": "28713",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28713"
              },
              {
                "name": "5049",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5049"
              },
              {
                "name": "27577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27577"
              },
              {
                "name": "1019297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019297"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
            },
            {
              "name": "ADV-2008-0394",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0394/references"
            },
            {
              "name": "27576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27576"
            },
            {
              "name": "28707",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28707"
            },
            {
              "name": "ADV-2008-0391",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0391/references"
            },
            {
              "name": "28713",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28713"
            },
            {
              "name": "5049",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5049"
            },
            {
              "name": "27577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27577"
            },
            {
              "name": "1019297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019297"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
                },
                {
                  "name": "ADV-2008-0394",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0394/references"
                },
                {
                  "name": "27576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27576"
                },
                {
                  "name": "28707",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28707"
                },
                {
                  "name": "ADV-2008-0391",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0391/references"
                },
                {
                  "name": "28713",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28713"
                },
                {
                  "name": "5049",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5049"
                },
                {
                  "name": "27577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27577"
                },
                {
                  "name": "1019297",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019297"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0660",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }