CVE-2008-4493

Microsoft Digital Image 2006 Starter Edition - Arbitrary File Upload via PicturePusher ActiveX Control

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4493. PoCs published by Nine:Situations:Group.

AI-analyzed exploit summary This exploit leverages an unsafe ActiveX control (PicturePusher) in Microsoft Digital Image 2006 to craft arbitrary multipart/form-data POST requests, enabling file upload attacks via the browser. The PoC demonstrates how to inject a filename and content into a POST request, bypassing typical security restrictions.

Description

Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · htmlremotewindows

https://www.exploit-db.com/exploits/6699

View Code ZIP pw:eip

This exploit leverages an unsafe ActiveX control (PicturePusher) in Microsoft Digital Image 2006 to craft arbitrary multipart/form-data POST requests, enabling file upload attacks via the browser. The PoC demonstrates how to inject a filename and content into a POST request, bypassing typical security restrictions.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Digital Image 2006 Starter Edition (PicturePusher ActiveX, PipPPush.DLL 7.00.0709)

No auth needed

Prerequisites: Victim must use IE6/IE7 with the vulnerable ActiveX control installed · ActiveX control must be marked as safe for scripting

MITRE ATT&CK