Описание
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0660
- https://www.exploit-db.com/exploits/5049
- http://seclists.org/fulldisclosure/2008/Feb/0023.html
- http://secunia.com/advisories/28707
- http://secunia.com/advisories/28713
- http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483
- http://www.kb.cert.org/vuls/id/776931
- http://www.securityfocus.com/bid/27576
- http://www.securityfocus.com/bid/27577
- http://www.securitytracker.com/id?1019297
- http://www.vupen.com/english/advisories/2008/0391/references
- http://www.vupen.com/english/advisories/2008/0394/references
Связанные уязвимости
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.