CVE-2008-1490

EXPLOITED

Aurigma ActiveX 4.1.36.0 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2008-1490 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28354
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40152
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=120605071403813&w=2
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29445

Scores

EPSS 0.0397
EPSS Percentile 89.3%

Details

VulnCheck KEV 2010-05-01
CWE
CWE-119
Status published
Products (2)
aurigma/image_uploader_activex_control 4.1.36.0
piczo/imageuploader4 4.1.36.0
Published Mar 25, 2008
Tracked Since Feb 18, 2026