CVE-2008-0659 – MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-0659

Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. Desbordamiento de búfer basado en pila en el control ActiveX de Aurigma Image Uploader (ImageUploader4.ocx) versiones 4.5.70 y anteriores, como se usa en MySpace MySpaceUploader.ocx 1.0.0.4, permite a atacantes remotos ejecutar código arbitrario a través de una propiedad larga Action. • https://www.exploit-db.com/exploits/5025 http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx http://seclists.org/fulldisclosure/2008/Jan/0593.html http://secunia.com/advisories/28715 http://secunia.com/advisories/28733 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483 http://www.kb.cert.org/vuls/id/776931 http://www.securityfocus.com/bid/27533 http://www.vupen.com/english/advisories/2008/0344/references • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •