Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:2542B95B01C2A172622FDD93C7752DBD
HistoryMay 19, 2008 - 12:00 a.m.

Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow

2008-05-1900:00:00
SAINT Corporation
www.saintcorporation.com
7

0.769 High

EPSS

Percentile

98.2%

JSON

Added: 05/19/2008
CVE: CVE-2008-0660
BID: 27576
OSVDB: 41073

Background

Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product.

Problem

A buffer overflow vulnerability in Facebook PhotoUploader allows command execution when a user loads a web page which sets a specially crafted ExtractIptc property.

Resolution

Upgrade to version 4.5.57.1 or higher.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2008-02/0024.html&gt;
<http://secunia.com/advisories/28713&gt;

Limitations

Exploit works on Facebook PhotoUploader 4.5.57.0 and requires a user to load the exploit page in Internet Explorer.

Platforms

Windows

Related

cvelist 1
nvd 1
kaspersky 1
prion 1
cve 1
d2 1
checkpoint_advisories 2
saint 3
cert 1
nessus 1
cvelist
cvelist
CVE-2008-0660
2008-02-08 01:00:00
nvd
nvd
CVE-2008-0660
2008-02-08 02:00:00
kaspersky
kaspersky
KLA10079 ACE vulnerability in Aurigma Image Uploader
2008-02-07 00:00:00
prion
prion
Stack overflow
2008-02-08 02:00:00
cve
cve
CVE-2008-0660
2008-02-08 02:00:00
d2
d2
DSquare Exploit Pack: D2SEC_FACEBOOK
2008-02-08 02:00:00
checkpoint_advisories
checkpoint_advisories
Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)
2014-12-28 00:00:00
Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow (CVE-2008-0660)
2009-12-14 00:00:00
saint
saint
Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow
2008-05-19 00:00:00
Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow
2008-05-19 00:00:00
Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow
2008-05-19 00:00:00
cert
cert
Aurigma ImageUploader ActiveX control stack buffer overflows
2008-02-04 00:00:00
nessus
nessus
Facebook Photo Uploader ActiveX Control < 4.5.57.1 Multiple Buffer Overflows
2008-02-05 00:00:00

0.769 High

EPSS

Percentile

98.2%

JSON
Related for SAINT:2542B95B01C2A172622FDD93C7752DBD
cvelist1nvd1kaspersky1prion1cve1d21checkpoint_advisories2saint3cert1nessus1