GHSA-4QRP-27R3-66FJ Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius
Impact There is a possibility to upload an SVG file containing XSS code in the admin panel. In order to perform an XSS attack, the file itself has to be opened in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. Patches T...
VulnCheck KEV: CVE-2008-1490
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo aka Pizco and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than...
Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow
Added: 05/19/2008 CVE: CVE-2008-0660 BID: 27576 OSVDB: 41073 Background Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product. Problem A buffer overflow vulnerability in Facebook PhotoUploader allows comma...
FaceBook / Aurigma Image / PhotoUploader / Piczo ImageUploader / ActiveX buffer overflow
Multiple buffer overflows in different properties...
CVE-2008-0660
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control ImageUploader4.ocx 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc...
CVE-2008-0659
CVE-2008-0659 is a stack-based buffer overflow in Aurigma ImageUploader ActiveX control (ImageUploader4.ocx) up to version 4.5.70 and in MySpaceUploader.ocx 1.0.0.4, enabling remote code execution via a long Action property. Connected sources confirm the affected component and versions and descri...
[Full-disclosure] FaceBook/Aurigma Image/PhotoUploader Buffer Overflow
Who: FaceBook http://www.facebook.com Aurigma http://www.aurigma.com What: FaceBook uses Aurigma's ImageUploader control. This control enables users to upload photos to FaceBook. How: Please note that this vulnerability is DIFFERENT than the one that I previously posted. This also affects the sto...
Aurigma ImageUploader ActiveX control stack buffer overflows
Overview The Aurigma ImageUploader ActiveX control contains multiple stack buffer overflow vulnerabilities, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Aurigma ImageUploader is an ActiveX control that provides the ability to upload pictures usin...
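Aurigma Image Uploader ImageUploader4.ocx ActiveX control stack overflow vulnerability
BUGTRAQ ID: 27539,27534,27533 Image Uploader is a file-upload tool used by many sites; MySpace repackaged this control to provide image upload support. The Image Uploader ActiveX control has a buffer overflow vulnerability in its implementation, which remote attackers may exploit to take control of a user's system. MySpace.Uploader.4.1...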
MySpace Uploader (MySpaceUploader.ocx 1.0.0.4) BOF Exploit
No description provided by source. !-- MySpace Uploader Buffer Overflow Exploit written by e.b. Tested on Windows XP SP2 fully patched English, IE6 MySpaceUploader.ocx version 1.0.0.4: 48DD0448-9209-4F81-9F6D-D83562940134...
aurigma-overflows.txt
There are multiple stack overflows in the Aurigma ImageUploader 4.1 ActiveX control. I believe this control was installed by www.dotphoto.com. PoC as follows: ----------------------- function Check var s = "AAAA"; while s.length ----------------------- Elazar...
Aurigma ImageUploader ActiveX image uploader
Buffer overflows in GotoFolder / CanGotoFolder methods...
[Full-disclosure] Aurigma ImageUploader 4.1 Multiple stack overflows
There are multiple stack overflows in the Aurigma ImageUploader 4.1 ActiveX control. I believe this control was installed by www.dotphoto.com. PoC as follows: ----------------------- !-- written by e.b. -- html head script language="JavaScript" DEFER function Check var s = "AAAA"; while s.length...