Aurigma Image Uploader Activex Control vulnerabilities
3 known vulnerabilities affecting aurigma/image_uploader_activex_control.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL3
Vulnerabilities
Page 1 of 1
CVE-2008-1490P2CRITICALCVSS 9.3Exploitedv4.1.36.02008-03-25
CVE-2008-1490 [CRITICAL] CVE-2008-1490: Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Pi
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
nvd
CVE-2008-0659P3CRITICALCVSS 10.0PoC≤ 4.5.702008-02-08
CVE-2008-0659 [CRITICAL] CWE-119 CVE-2008-0659: Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 an
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
nvd
CVE-2008-0660P3CRITICALCVSS 9.3PoCv4.5.70.0v4.5.126.0+2 more2008-02-08
CVE-2008-0660 [CRITICAL] CWE-119 CVE-2008-0660: Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx)
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
nvd