Lucene search

K
cve[email protected]CVE-2008-1490
HistoryMar 25, 2008 - 7:44 p.m.

CVE-2008-1490

2008-03-2519:44:00
CWE-119
web.nvd.nist.gov
15
cve-2008-1490
buffer overflow
aurigma
imageuploader4.ocx
remote code execution
online services

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.662 Medium

EPSS

Percentile

97.9%

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.

Affected configurations

NVD
Node
aurigmaimage_uploader_activex_controlMatch4.1.36.0
OR
piczoimageuploader4Match4.1.36.0

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.662 Medium

EPSS

Percentile

97.9%

Related for CVE-2008-1490