CVSS: 9.3EPSS: 4%CPEs: 2EXPL: 0CVE-2008-1490
https://notcve.org/view.php?id=CVE-2008-1490
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659. Desbordamiento de búfer en Arigma, un control Active X determinado de ImageUploader4.ocx 4.1.36.0, usado con Piczo (también conocido como Pizco) y posiblemente otros servicios en línea, permite a atacantes remotos ejecutar código de su elección mediante vectores sin especificar, posiblemente implicando una propiedad larga Action, una CLSID diferente de la CVE-2008-0659. • http://marc.info/?l=bugtraq&m=120605071403813&w=2 http://secunia.com/advisories/29445 http://www.securityfocus.com/bid/28354 https://exchange.xforce.ibmcloud.com/vulnerabilities/40152 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 65%CPEs: 2EXPL: 2CVE-2008-0659 – MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0659
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. Desbordamiento de búfer basado en pila en el control ActiveX de Aurigma Image Uploader (ImageUploader4.ocx) versiones 4.5.70 y anteriores, como se usa en MySpace MySpaceUploader.ocx 1.0.0.4, permite a atacantes remotos ejecutar código arbitrario a través de una propiedad larga Action. • https://www.exploit-db.com/exploits/5025 http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx http://seclists.org/fulldisclosure/2008/Jan/0593.html http://secunia.com/advisories/28715 http://secunia.com/advisories/28733 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483 http://www.kb.cert.org/vuls/id/776931 http://www.securityfocus.com/bid/27533 http://www.vupen.com/english/advisories/2008/0344/references • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 74%CPEs: 6EXPL: 1CVE-2008-0660 – FaceBook PhotoUploader - 'ImageUploader4.ocx 4.5.57.0' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0660
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties. Múltiples desbordamientos de búfer basados en pila en el control ActiveX de Aurigma Image Uploader (ImageUploader4.ocx) versiones 4.6.17.0, 4.5.70.0 y 4.5.126.0 y en ImageUploader5 5.0.10.0, tal y como se usa en Facebook PhotoUploader 4.5.57.0, permiten a atacantes remotos ejecutar código de su elección mediante valores largos en las propiedades (1) ExtractExif y (2) ExtractIptc. • https://www.exploit-db.com/exploits/5049 http://seclists.org/fulldisclosure/2008/Feb/0023.html http://secunia.com/advisories/28707 http://secunia.com/advisories/28713 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483 http://www.kb.cert.org/vuls/id/776931 http://www.securityfocus.com/bid/27576 http://www.securityfocus.com/bid/27577 http://www.securitytracker.com/id?1019297 http://www.vupen.com/english/advisories/2008/0391/references http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •