📦

image_uploader_activex_control

Vendor: aurigma

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 3 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 33.19% Exploit Prob.

Latest CVE CVE-2008-1490 Mar 25

Security Vulnerability Index

Page 1 / 1

9.3 CVSS

CVE-2008-1490

RCE

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.

EPSS: 4.96%

Severity: HIGH

Mar 25, 2008

10.0 CVSS

CVE-2008-0659

RCE Exploit Found

Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.

EPSS: 40.22%

Severity: HIGH

Feb 08, 2008

9.3 CVSS

CVE-2008-0660

RCE Exploit Found

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.

EPSS: 54.39%

Severity: HIGH

Feb 08, 2008

Displaying 3 of 3 Total Entries

Total 1 Sections