1. Home
  2. CVE Database
  3. CVE-2008-0660
HIGH · 9.3

CVE-2008-0660

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4...

Vulnerability Description

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AurigmaImage Uploader Activex Control4.5.70.0
FacebookFacebookAll versions
FacebookPhotouploader4.5.57.0

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2008-0660?

CVE-2008-0660 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4...

How severe is CVE-2008-0660?

CVE-2008-0660 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0660?

Check the references section above for vendor advisories and patch information. Affected products include: Aurigma Image Uploader Activex Control, Facebook Facebook, Facebook Photouploader.