CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.0%
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
Vendor | Product | Version | CPE |
---|---|---|---|
aurigma | image_uploader_activex_control | 4.1.36.0 | cpe:2.3:a:aurigma:image_uploader_activex_control:4.1.36.0:*:*:*:*:*:*:* |
piczo | imageuploader4 | 4.1.36.0 | cpe:2.3:a:piczo:imageuploader4:4.1.36.0:*:*:*:*:*:*:* |