CVSS: 9.3EPSS: 4%CPEs: 2EXPL: 0CVE-2008-1490
https://notcve.org/view.php?id=CVE-2008-1490
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659. Desbordamiento de búfer en Arigma, un control Active X determinado de ImageUploader4.ocx 4.1.36.0, usado con Piczo (también conocido como Pizco) y posiblemente otros servicios en línea, permite a atacantes remotos ejecutar código de su elección mediante vectores sin especificar, posiblemente implicando una propiedad larga Action, una CLSID diferente de la CVE-2008-0659. • http://marc.info/?l=bugtraq&m=120605071403813&w=2 http://secunia.com/advisories/29445 http://www.securityfocus.com/bid/28354 https://exchange.xforce.ibmcloud.com/vulnerabilities/40152 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 65%CPEs: 2EXPL: 2CVE-2008-0659 – MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0659
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. Desbordamiento de búfer basado en pila en el control ActiveX de Aurigma Image Uploader (ImageUploader4.ocx) versiones 4.5.70 y anteriores, como se usa en MySpace MySpaceUploader.ocx 1.0.0.4, permite a atacantes remotos ejecutar código arbitrario a través de una propiedad larga Action. • https://www.exploit-db.com/exploits/5025 http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx http://seclists.org/fulldisclosure/2008/Jan/0593.html http://secunia.com/advisories/28715 http://secunia.com/advisories/28733 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483 http://www.kb.cert.org/vuls/id/776931 http://www.securityfocus.com/bid/27533 http://www.vupen.com/english/advisories/2008/0344/references • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •