CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0659

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile19.92th
PublishedFeb 8, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.

Affected Platforms (CPE)

πŸ“¦
Aurigma

Image Uploader Activex Control

<= 4.5.70
πŸ“¦
Myspace

Myspaceuploader

= 1.0.0.4

References & Advisories

πŸ”— http://blogs.aurigma.com/post/2008/01/Another-security-problem---oh%2c-not-again.aspx
πŸ”— http://seclists.org/fulldisclosure/2008/Jan/0593.html
πŸ”— http://secunia.com/advisories/28715
πŸ”— http://secunia.com/advisories/28733
πŸ”— http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483
πŸ”— http://www.kb.cert.org/vuls/id/776931
πŸ”— http://www.securityfocus.com/bid/27533
πŸ”— http://www.vupen.com/english/advisories/2008/0344/references

Related Vulnerabilities

CVE-2008-06609.3

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.1...

CVE-2008-66388.8

Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote att...

CVE-2008-44936.8

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows ...

CVE-2008-45492.6

The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows re...