Unrated severityNVD Advisory· Published Feb 8, 2008· Updated Apr 23, 2026

CVE-2008-0660

Description

Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.

Affected products

Aurigma/Image Uploader Activex Control4 versions
cpe:2.3:a:aurigma:image_uploader_activex_control:4.5.126.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:aurigma:image_uploader_activex_control:4.5.126.0:*:*:*:*:*:*:*
- cpe:2.3:a:aurigma:image_uploader_activex_control:4.5.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:aurigma:image_uploader_activex_control:4.6.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:aurigma:image_uploader_activex_control:5.0.10.0:*:*:*:*:*:*:*
Facebook/Facebook
cpe:2.3:a:facebook:facebook:*:*:*:*:*:*:*:*
Facebook/Photouploader
cpe:2.3:a:facebook:photouploader:4.5.57.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28707nvdVendor Advisory
secunia.com/advisories/28713nvdVendor Advisory
www.kb.cert.org/vuls/id/776931nvdUS Government Resource
seclists.org/fulldisclosure/2008/Feb/0023.htmlnvd
www.computerworld.com/action/article.donvd
www.securityfocus.com/bid/27576nvd
www.securityfocus.com/bid/27577nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/0391/referencesnvd
www.vupen.com/english/advisories/2008/0394/referencesnvd
www.exploit-db.com/exploits/5049nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.044
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000