CVE-2008-0660 Information
Description
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0 4.5.70.0 and 4.5.126.0 and ImageUploader5 5.0.10.0 as used by Facebook PhotoUploader 4.5.57.0 allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Reference
http://seclists.org/fulldisclosure/2008/Feb/0023.html http://secunia.com/advisories/28707 http://secunia.com/advisories/28713 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483 http://www.kb.cert.org/vuls/id/776931 http://www.securityfocus.com/bid/27576 http://www.securityfocus.com/bid/27577 http://www.securitytracker.com/id?1019297 http://www.vupen.com/english/advisories/2008/0391/references http://www.vupen.com/english/advisories/2008/0394/references https://www.exploit-db.com/exploits/5049
Share on: