Search criteria
4 vulnerabilities found for photouploader by facebook
CVE-2008-5711 (GCVE-0-2008-5711)
Vulnerability from nvd – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
VLAI?
Summary
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:43.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4805",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4805",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4805",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5711",
"datePublished": "2008-12-24T17:00:00",
"dateReserved": "2008-12-24T00:00:00",
"dateUpdated": "2024-08-07T11:04:43.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0660 (GCVE-0-2008-0660)
Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI?
Summary
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0660",
"datePublished": "2008-02-08T01:00:00",
"dateReserved": "2008-02-07T00:00:00",
"dateUpdated": "2024-08-07T07:54:22.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5711 (GCVE-0-2008-5711)
Vulnerability from cvelistv5 – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
VLAI?
Summary
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:43.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4805",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4805",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4805",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4805"
},
{
"name": "5102",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5102"
},
{
"name": "27756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5711",
"datePublished": "2008-12-24T17:00:00",
"dateReserved": "2008-12-24T00:00:00",
"dateUpdated": "2024-08-07T11:04:43.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0660 (GCVE-0-2008-0660)
Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
VLAI?
Summary
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
},
{
"name": "ADV-2008-0394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0394/references"
},
{
"name": "27576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27576"
},
{
"name": "28707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28707"
},
{
"name": "ADV-2008-0391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0391/references"
},
{
"name": "28713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28713"
},
{
"name": "5049",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5049"
},
{
"name": "27577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27577"
},
{
"name": "1019297",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019297"
},
{
"name": "VU#776931",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/776931"
},
{
"name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
"refsource": "MISC",
"url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0660",
"datePublished": "2008-02-08T01:00:00",
"dateReserved": "2008-02-07T00:00:00",
"dateUpdated": "2024-08-07T07:54:22.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}