Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for photouploader by facebook

    CVE-2008-5711 (GCVE-0-2008-5711)

    Vulnerability from nvd – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
    VLAI
    Summary
    Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/4805 third-party-advisoryx_refsource_SREASON
    https://www.exploit-db.com/exploits/5102 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27756 vdb-entryx_refsource_BID
    Date Public
    2008-02-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:04:43.752Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4805",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4805"
              },
              {
                "name": "5102",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5102"
              },
              {
                "name": "27756",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27756"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4805",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4805"
            },
            {
              "name": "5102",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5102"
            },
            {
              "name": "27756",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27756"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5711",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4805",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4805"
                },
                {
                  "name": "5102",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5102"
                },
                {
                  "name": "27756",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27756"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5711",
        "datePublished": "2008-12-24T17:00:00.000Z",
        "dateReserved": "2008-12-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:04:43.752Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0660 (GCVE-0-2008-0660)

    Vulnerability from nvd – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2008/Feb/0023.html mailing-listx_refsource_FULLDISC
    http://www.vupen.com/english/advisories/2008/0394… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/27576 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28707 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/0391… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28713 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/5049 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27577 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1019297 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
              },
              {
                "name": "ADV-2008-0394",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0394/references"
              },
              {
                "name": "27576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27576"
              },
              {
                "name": "28707",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28707"
              },
              {
                "name": "ADV-2008-0391",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0391/references"
              },
              {
                "name": "28713",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28713"
              },
              {
                "name": "5049",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5049"
              },
              {
                "name": "27577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27577"
              },
              {
                "name": "1019297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019297"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
            },
            {
              "name": "ADV-2008-0394",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0394/references"
            },
            {
              "name": "27576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27576"
            },
            {
              "name": "28707",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28707"
            },
            {
              "name": "ADV-2008-0391",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0391/references"
            },
            {
              "name": "28713",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28713"
            },
            {
              "name": "5049",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5049"
            },
            {
              "name": "27577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27577"
            },
            {
              "name": "1019297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019297"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
                },
                {
                  "name": "ADV-2008-0394",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0394/references"
                },
                {
                  "name": "27576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27576"
                },
                {
                  "name": "28707",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28707"
                },
                {
                  "name": "ADV-2008-0391",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0391/references"
                },
                {
                  "name": "28713",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28713"
                },
                {
                  "name": "5049",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5049"
                },
                {
                  "name": "27577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27577"
                },
                {
                  "name": "1019297",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019297"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0660",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5711 (GCVE-0-2008-5711)

    Vulnerability from cvelistv5 – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
    VLAI
    Summary
    Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/4805 third-party-advisoryx_refsource_SREASON
    https://www.exploit-db.com/exploits/5102 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27756 vdb-entryx_refsource_BID
    Date Public
    2008-02-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:04:43.752Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4805",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4805"
              },
              {
                "name": "5102",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5102"
              },
              {
                "name": "27756",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27756"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4805",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4805"
            },
            {
              "name": "5102",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5102"
            },
            {
              "name": "27756",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27756"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5711",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4805",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4805"
                },
                {
                  "name": "5102",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5102"
                },
                {
                  "name": "27756",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27756"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5711",
        "datePublished": "2008-12-24T17:00:00.000Z",
        "dateReserved": "2008-12-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:04:43.752Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0660 (GCVE-0-2008-0660)

    Vulnerability from cvelistv5 – Published: 2008-02-08 01:00 – Updated: 2024-08-07 07:54
    VLAI
    Summary
    Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://seclists.org/fulldisclosure/2008/Feb/0023.html mailing-listx_refsource_FULLDISC
    http://www.vupen.com/english/advisories/2008/0394… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/27576 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28707 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/0391… vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/28713 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/5049 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/27577 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1019297 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/776931 third-party-advisoryx_refsource_CERT-VN
    http://www.computerworld.com/action/article.do?co… x_refsource_MISC
    Date Public
    2008-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:54:22.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
              },
              {
                "name": "ADV-2008-0394",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0394/references"
              },
              {
                "name": "27576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27576"
              },
              {
                "name": "28707",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28707"
              },
              {
                "name": "ADV-2008-0391",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0391/references"
              },
              {
                "name": "28713",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28713"
              },
              {
                "name": "5049",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5049"
              },
              {
                "name": "27577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27577"
              },
              {
                "name": "1019297",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019297"
              },
              {
                "name": "VU#776931",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/776931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
            },
            {
              "name": "ADV-2008-0394",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0394/references"
            },
            {
              "name": "27576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27576"
            },
            {
              "name": "28707",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28707"
            },
            {
              "name": "ADV-2008-0391",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0391/references"
            },
            {
              "name": "28713",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28713"
            },
            {
              "name": "5049",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5049"
            },
            {
              "name": "27577",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27577"
            },
            {
              "name": "1019297",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019297"
            },
            {
              "name": "VU#776931",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/776931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html"
                },
                {
                  "name": "ADV-2008-0394",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0394/references"
                },
                {
                  "name": "27576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27576"
                },
                {
                  "name": "28707",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28707"
                },
                {
                  "name": "ADV-2008-0391",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0391/references"
                },
                {
                  "name": "28713",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28713"
                },
                {
                  "name": "5049",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5049"
                },
                {
                  "name": "27577",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27577"
                },
                {
                  "name": "1019297",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019297"
                },
                {
                  "name": "VU#776931",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/776931"
                },
                {
                  "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483",
                  "refsource": "MISC",
                  "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic\u0026articleId=9060483"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0660",
        "datePublished": "2008-02-08T01:00:00.000Z",
        "dateReserved": "2008-02-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:54:22.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }