CyberSec.Space Logo
Back to CVE Browser

CVE-2008-1490

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1760%
EPSS Percentile24.15th
PublishedMar 25, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.

Affected Platforms (CPE)

πŸ“¦
Aurigma

Image Uploader Activex Control

= 4.1.36.0
πŸ“¦
Piczo

Imageuploader4

= 4.1.36.0

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=120605071403813&w=2
πŸ”— http://secunia.com/advisories/29445
πŸ”— http://www.securityfocus.com/bid/28354
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/40152
πŸ”— http://marc.info/?l=bugtraq&m=120605071403813&w=2
πŸ”— http://secunia.com/advisories/29445
πŸ”— http://www.securityfocus.com/bid/28354
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/40152

Related Vulnerabilities

CVE-2008-065910.0

Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace ...

CVE-2008-06609.3

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.1...

CVE-2008-66388.8

Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote att...

CVE-2008-44936.8

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows ...