Search
Find a vulnerability
Search criteria
6 vulnerabilities found for image_uploader_activex_control by aurigma
CVE-2008-1490 (GCVE-0-2008-1490)
Vulnerability from nvd – Published: 2008-03-25 19:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28354 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=120605071403813&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29445 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1490",
"datePublished": "2008-03-25T19:00:00.000Z",
"dateReserved": "2008-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0659 (GCVE-0-2008-0659)
Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/28733 | third-party-advisoryx_refsource_SECUNIA |
| http://blogs.aurigma.com/post/2008/01/Another-sec… | x_refsource_CONFIRM |
| http://secunia.com/advisories/28715 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27533 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2008/Jan/0593.html | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2008/0345… | vdb-entryx_refsource_VUPEN |
| http://www.vupen.com/english/advisories/2008/0344… | vdb-entryx_refsource_VUPEN |
| http://www.kb.cert.org/vuls/id/776931 | third-party-advisoryx_refsource_CERT-VN |
| https://www.exploit-db.com/exploits/5025 | exploitx_refsource_EXPLOIT-DB |
| http://www.computerworld.com/action/article.do?co… | x_refsource_MISC |
Date Public
2008-01-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28733"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28733"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28733"
},
{
"name": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0659",
"datePublished": "2008-02-08T01:00:00.000Z",
"dateReserved": "2008-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0660 (GCVE-0-2008-0660)
Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2008/Feb/0023.html | mailing-listx_refsource_FULLDISC |
| http://www.vupen.com/english/advisories/2008/0394… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27576 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28707 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0391… | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28713 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/5049 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/27577 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1019297 | vdb-entryx_refsource_SECTRACK |
| http://www.kb.cert.org/vuls/id/776931 | third-party-advisoryx_refsource_CERT-VN |
| http://www.computerworld.com/action/article.do?co… | x_refsource_MISC |
Date Public
2008-02-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0660",
"datePublished": "2008-02-08T01:00:00.000Z",
"dateReserved": "2008-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1490 (GCVE-0-2008-1490)
Vulnerability from cvelistv5 – Published: 2008-03-25 19:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28354 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=120605071403813&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29445 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28354"
},
{
"name": "aurigma-imageuploader41-bo(40152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40152"
},
{
"name": "20080320 Pizco vulnerable to buffer overflow in activex",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=120605071403813\u0026w=2"
},
{
"name": "29445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1490",
"datePublished": "2008-03-25T19:00:00.000Z",
"dateReserved": "2008-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0659 (GCVE-0-2008-0659)
Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/28733 | third-party-advisoryx_refsource_SECUNIA |
| http://blogs.aurigma.com/post/2008/01/Another-sec… | x_refsource_CONFIRM |
| http://secunia.com/advisories/28715 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27533 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2008/Jan/0593.html | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2008/0345… | vdb-entryx_refsource_VUPEN |
| http://www.vupen.com/english/advisories/2008/0344… | vdb-entryx_refsource_VUPEN |
| http://www.kb.cert.org/vuls/id/776931 | third-party-advisoryx_refsource_CERT-VN |
| https://www.exploit-db.com/exploits/5025 | exploitx_refsource_EXPLOIT-DB |
| http://www.computerworld.com/action/article.do?co… | x_refsource_MISC |
Date Public
2008-01-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28733"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28733"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28733"
},
{
"name": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx"
},
{
"name": "28715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28715"
},
{
"name": "27533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27533"
},
{
"name": "20080131 MySpace Uploader ActiveX Control Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Jan/0593.html"
},
{
"name": "myspace-myspaceuploader-bo(40118)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40118"
},
{
"name": "ADV-2008-0345",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0345/references"
},
{
"name": "ADV-2008-0344",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0344/references"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "5025",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5025"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0659",
"datePublished": "2008-02-08T01:00:00.000Z",
"dateReserved": "2008-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0660 (GCVE-0-2008-0660)
Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2008/Feb/0023.html | mailing-listx_refsource_FULLDISC |
| http://www.vupen.com/english/advisories/2008/0394… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27576 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28707 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0391… | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28713 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/5049 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/27577 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1019297 | vdb-entryx_refsource_SECTRACK |
| http://www.kb.cert.org/vuls/id/776931 | third-party-advisoryx_refsource_CERT-VN |
| http://www.computerworld.com/action/article.do?co… | x_refsource_MISC |
Date Public
2008-02-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0660",
"datePublished": "2008-02-08T01:00:00.000Z",
"dateReserved": "2008-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}