CVE-2008-1490

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.

Published: Mar 25, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1490
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
piczo / imageuploader4	4.1.36.0	4.1.36.0.x
aurigma / image_uploader_activex_control	4.1.36.0	4.1.36.0.x

http://marc.info/?l=bugtraq&m=120605071403813&w=2
http://secunia.com/advisories/29445
http://www.securityfocus.com/bid/28354
https://exchange.xforce.ibmcloud.com/vulnerabilities/40152

Vulnerability Database

289,697

CVE-2008-1490